@dev.sail.money/sailor 0.0.2-21 → 0.0.2-22

package/packages/cli/dist/index.cjs

@@ -35208,65 +35208,74 @@ var {
 
 // ../chains/dist/index.js
 var chains = {
-  // Base Sepolia (testnet)
-  84532: {
-    chainId: 84532,
-    name: "Base Sepolia",
-    // SAIL-405 redeploy (2026-06-04, gitCommit 6d872e6) — adds owner-gated
-    // setManager(newManager) to rotate the delegated signer. Genesis allowlist
-    // bootstrap + createAccount fix carried over; allowlistBootstrapped=true,
-    // zero fees. Supersedes 0xcC50009115DAaBCB40513e03a1a0Cc2Fdf6Be558.
-    kernel: "0xf1D0F4C9893612627409948BAa9d82a01a373799",
-    mandateFactory: "0xdfF6a2272F667cDf78Af4681b9c88A219998db95",
-    governance: "0xEaD44bC6999E7b00b9b2E11c1660248DC2a30993",
+  // Ethereum mainnet
+  1: {
+    chainId: 1,
+    name: "Ethereum",
+    // CREATE2 deterministic deploy (2026-06-09, gitCommit 1199b33).
+    kernel: "0x02ABC18B65A328de2e749F56ba79ACF2718a6659",
+    mandateFactory: "0x14EDd6c2a56EfC0d71E215ab13094B9AF90543d2",
+    governance: "0x7A478118715791728BDE3bc7A4D7ECfdEB89C6EC",
     dispatchModel: "selective",
-    // selective: verified on-chain DISPATCH_TYPEHASH 0xbe50c5391dcf9e08d11d2c30dbee822c14ad07af2ceb503c778d265801fb0e5c
     protocols: {}
   },
   // Base mainnet
   8453: {
     chainId: 8453,
     name: "Base",
-    // SAIL-405 redeploy (2026-06-04, gitCommit 0ed0561) — adds owner-gated
-    // setManager(newManager) to rotate the delegated signer. Genesis allowlist
-    // bootstrap carried over; allowlistBootstrapped=true, zero fees.
-    // Supersedes 0x20eff0DbE752e22655A6dAA5A94521FA06CDdE06.
-    kernel: "0x6319d3dfDDe3804ba93D65752b00c52bFb05a1ab",
-    mandateFactory: "0x7724EACd97C8601d5AC244Aadbf76ad87353Ff31",
-    governance: "0x7E897D919872b1587577617ffFC42113679d0C50",
+    // CREATE2 deterministic deploy (2026-06-09, gitCommit 1199b33).
+    // Supersedes 0x6319d3dfDDe3804ba93D65752b00c52bFb05a1ab (SAIL-405).
+    kernel: "0x02ABC18B65A328de2e749F56ba79ACF2718a6659",
+    mandateFactory: "0x14EDd6c2a56EfC0d71E215ab13094B9AF90543d2",
+    governance: "0x7A478118715791728BDE3bc7A4D7ECfdEB89C6EC",
     dispatchModel: "selective",
-    // selective: verified on-chain DISPATCH_TYPEHASH 0xbe50c5391dcf9e08d11d2c30dbee822c14ad07af2ceb503c778d265801fb0e5c
     protocols: {}
   },
   // Arbitrum mainnet
   42161: {
     chainId: 42161,
     name: "Arbitrum",
-    // SAIL-405 redeploy (2026-06-04, gitCommit 0ed0561) — adds owner-gated
-    // setManager(newManager) to rotate the delegated signer. Genesis allowlist
-    // bootstrap carried over (bootstrap sent as a standalone tx post-core-deploy);
-    // allowlistBootstrapped=true, zero fees.
-    // Supersedes 0x9AF32E0C395fb31f5cA28994351F8fAE3003e125.
-    kernel: "0x2716B12832DED0EF5688519c5Fe069EFc0374E02",
-    mandateFactory: "0x23681A8A4C9819D8EaB37E46B858da6F3c85E683",
-    governance: "0xd6AbB7A1036ADc7958Abffec9Da03450c5a2Ec8e",
+    // CREATE2 deterministic deploy (2026-06-09, gitCommit 1199b33).
+    // Supersedes 0x2716B12832DED0EF5688519c5Fe069EFc0374E02 (SAIL-405).
+    kernel: "0x02ABC18B65A328de2e749F56ba79ACF2718a6659",
+    mandateFactory: "0x14EDd6c2a56EfC0d71E215ab13094B9AF90543d2",
+    governance: "0x7A478118715791728BDE3bc7A4D7ECfdEB89C6EC",
     dispatchModel: "selective",
-    // selective: verified on-chain DISPATCH_TYPEHASH 0xbe50c5391dcf9e08d11d2c30dbee822c14ad07af2ceb503c778d265801fb0e5c
     protocols: {}
   },
   // Unichain mainnet
   130: {
     chainId: 130,
     name: "Unichain",
-    // SAIL-406 deploy (2026-06-05, gitCommit 2c9e325) — full protocol deploy:
-    // core + the complete template suite (7 shared + 12 standalone), all
-    // source-verified on uniscan.xyz. Genesis allowlist bootstrap
-    // (allowlistBootstrapped=true), zero fees, onboarding live.
-    kernel: "0xD985029960a9B7C2E7E38e102C448b8b8539B156",
-    mandateFactory: "0x8edDb62Aa49CeB837abf2653be2d93Ad9Fe6777D",
-    governance: "0xAb5C90ECfF2763f6f20f8E553E3b8778dD9C349A",
+    // CREATE2 deterministic deploy (2026-06-09, gitCommit 1199b33).
+    // Supersedes 0xD985029960a9B7C2E7E38e102C448b8b8539B156 (SAIL-406).
+    kernel: "0x02ABC18B65A328de2e749F56ba79ACF2718a6659",
+    mandateFactory: "0x14EDd6c2a56EfC0d71E215ab13094B9AF90543d2",
+    governance: "0x7A478118715791728BDE3bc7A4D7ECfdEB89C6EC",
+    dispatchModel: "selective",
+    protocols: {}
+  },
+  // Base Sepolia (testnet)
+  84532: {
+    chainId: 84532,
+    name: "Base Sepolia",
+    // CREATE2 deterministic deploy (2026-06-09, gitCommit 1199b33).
+    // Supersedes 0xf1D0F4C9893612627409948BAa9d82a01a373799 (SAIL-405).
+    kernel: "0x02ABC18B65A328de2e749F56ba79ACF2718a6659",
+    mandateFactory: "0x14EDd6c2a56EfC0d71E215ab13094B9AF90543d2",
+    governance: "0x7A478118715791728BDE3bc7A4D7ECfdEB89C6EC",
+    dispatchModel: "selective",
+    protocols: {}
+  },
+  // Eth Sepolia (testnet)
+  11155111: {
+    chainId: 11155111,
+    name: "Eth Sepolia",
+    // CREATE2 deterministic deploy (2026-06-09, gitCommit 1199b33).
+    kernel: "0x02ABC18B65A328de2e749F56ba79ACF2718a6659",
+    mandateFactory: "0x14EDd6c2a56EfC0d71E215ab13094B9AF90543d2",
+    governance: "0x7A478118715791728BDE3bc7A4D7ECfdEB89C6EC",
     dispatchModel: "selective",
-    // selective: verified on-chain DISPATCH_TYPEHASH 0xbe50c5391dcf9e08d11d2c30dbee822c14ad07af2ceb503c778d265801fb0e5c
     protocols: {}
   }
 };
@@ -35690,178 +35699,148 @@ async function detectKernelCapabilities(publicClient, kernel, opts) {
 }
 
 // ../sdk/dist/deployments.js
+var CREATE2_KERNEL = "0x02ABC18B65A328de2e749F56ba79ACF2718a6659";
+var CREATE2_GOVERNANCE = "0x7A478118715791728BDE3bc7A4D7ECfdEB89C6EC";
+var CREATE2_TIMELOCK = "0xE48Ba8DB6d748adafD13155c3590f62e58a77f56";
+var CREATE2_SAFE_MODULE_ENABLER = "0x7897Cb53a4be4a2eaAf46D60573C4Fd83b33fE1F";
+var CREATE2_MANDATE_FACTORY = "0x14EDd6c2a56EfC0d71E215ab13094B9AF90543d2";
+var CREATE2_STANDARD_FEE_POLICY = "0xe7B5901b839cFFDEd9D4108A22712C8BfdA1D80D";
+var CREATE2_TREASURY = "0xB01dCE443d052e44b7D13726c0EC9fFB7f5815B6";
 var sailDeployments = {
-  84532: {
-    // SAIL-405 redeploy (2026-06-04, gitCommit 6d872e6): adds owner-gated
-    // setManager(newManager) to rotate the SMA's delegated signer (clears the
-    // permission set + bumps the nonce epoch). Genesis allowlist bootstrap +
-    // local CREATE2 proxy prediction carried over; allowlistBootstrapped=true,
-    // createAccount verified working, zero fees, onboarding live. Supersedes
-    // 0xcC50009115DAaBCB40513e03a1a0Cc2Fdf6Be558. Only `core` was redeployed;
-    // shared/standalone permission templates are NOT yet deployed against this
-    // kernel (run the templates targets + refill the template maps before clones).
-    chainId: 84532,
-    blockNumber: 42400417,
-    deployer: "0xB01dCE443d052e44b7D13726c0EC9fFB7f5815B6",
-    governance: "0xEaD44bC6999E7b00b9b2E11c1660248DC2a30993",
-    timelock: "0x97B863e392C9859336788D5Ec454527d33C95B74",
-    kernel: "0xf1D0F4C9893612627409948BAa9d82a01a373799",
-    permissionFactory: "0xdfF6a2272F667cDf78Af4681b9c88A219998db95",
-    standardFeePolicy: "0x05570F7973b46Eb9Ed4518422891EFC26BD58b97",
-    safeModuleEnabler: "0xB2C2B52d94412e3472C9fb2B52186eA12a935869",
-    treasury: "0xB01dCE443d052e44b7D13726c0EC9fFB7f5815B6",
+  // ── Ethereum mainnet ─────────────────────────────────────────────────────────
+  1: {
+    // CREATE2 deterministic deploy (2026-06-09, gitCommit 1199b33).
+    // allowlistBootstrapped=true (genesis bootstrap), zero fees, 48h timelock.
+    chainId: 1,
+    blockNumber: 25280925,
+    deployer: CREATE2_TREASURY,
+    governance: CREATE2_GOVERNANCE,
+    timelock: CREATE2_TIMELOCK,
+    kernel: CREATE2_KERNEL,
+    mandateFactory: CREATE2_MANDATE_FACTORY,
+    standardFeePolicy: CREATE2_STANDARD_FEE_POLICY,
+    safeModuleEnabler: CREATE2_SAFE_MODULE_ENABLER,
+    treasury: CREATE2_TREASURY,
     maxPermissionFeeWei: 1000000000000000n,
     initialBaseFee: 0n,
     initialComplexityRate: 0n,
     dispatchModel: "selective",
-    // selective: verified on-chain DISPATCH_TYPEHASH 0xbe50c5391dcf9e08d11d2c30dbee822c14ad07af2ceb503c778d265801fb0e5c
     knownTemplates: [],
     standaloneTemplates: {}
   },
+  // ── Base mainnet ─────────────────────────────────────────────────────────────
   8453: {
-    // SAIL-405 redeploy (2026-06-04, gitCommit 0ed0561): adds owner-gated
-    // setManager(newManager) to rotate the SMA's delegated signer (clears the
-    // permission set + bumps the nonce epoch). Genesis allowlist bootstrap +
-    // local CREATE2 proxy prediction carried over; allowlistBootstrapped=true,
-    // zero fees, onboarding live. Supersedes 0x20eff0DbE752e22655A6dAA5A94521FA06CDdE06.
-    // Only `core` was redeployed; shared/standalone permission templates are NOT yet
-    // deployed against this kernel (run the templates targets + refill the maps first).
+    // CREATE2 deterministic deploy (2026-06-09, gitCommit 1199b33). Supersedes
+    // 0x6319d3dfDDe3804ba93D65752b00c52bFb05a1ab (SAIL-405 redeploy).
+    // allowlistBootstrapped=true, zero fees, 48h timelock.
     chainId: 8453,
-    blockNumber: 46898030,
-    deployer: "0xB01dCE443d052e44b7D13726c0EC9fFB7f5815B6",
-    governance: "0x7E897D919872b1587577617ffFC42113679d0C50",
-    timelock: "0x8eC3Ca951E193C6E3713A70022454d7A1f083281",
-    kernel: "0x6319d3dfDDe3804ba93D65752b00c52bFb05a1ab",
-    permissionFactory: "0x7724EACd97C8601d5AC244Aadbf76ad87353Ff31",
-    standardFeePolicy: "0x65850a8D5050aeAade68289ff96c4F119a24B82e",
-    safeModuleEnabler: "0xC84EdE78f93291A1fab19F51c4c7e938AB302Edf",
-    treasury: "0xB01dCE443d052e44b7D13726c0EC9fFB7f5815B6",
+    blockNumber: 47115338,
+    deployer: CREATE2_TREASURY,
+    governance: CREATE2_GOVERNANCE,
+    timelock: CREATE2_TIMELOCK,
+    kernel: CREATE2_KERNEL,
+    mandateFactory: CREATE2_MANDATE_FACTORY,
+    standardFeePolicy: CREATE2_STANDARD_FEE_POLICY,
+    safeModuleEnabler: CREATE2_SAFE_MODULE_ENABLER,
+    treasury: CREATE2_TREASURY,
     maxPermissionFeeWei: 1000000000000000n,
     initialBaseFee: 0n,
     initialComplexityRate: 0n,
     dispatchModel: "selective",
-    // selective: verified on-chain DISPATCH_TYPEHASH 0xbe50c5391dcf9e08d11d2c30dbee822c14ad07af2ceb503c778d265801fb0e5c
     knownTemplates: [],
     standaloneTemplates: {}
   },
+  // ── Arbitrum mainnet ─────────────────────────────────────────────────────────
   42161: {
-    // SAIL-405 redeploy (2026-06-04, gitCommit 0ed0561): adds owner-gated
-    // setManager(newManager) to rotate the SMA's delegated signer (clears the
-    // permission set + bumps the nonce epoch). Genesis allowlist bootstrap +
-    // local CREATE2 proxy prediction carried over; allowlistBootstrapped=true,
-    // zero fees, onboarding live. Supersedes 0x9AF32E0C395fb31f5cA28994351F8fAE3003e125.
-    // Bootstrap was sent as a standalone tx post-core-deploy; identical end state to Base.
-    // Only `core` was redeployed; shared/standalone permission templates are NOT yet
-    // deployed against this kernel (run the templates targets + refill the maps first).
+    // CREATE2 deterministic deploy (2026-06-09, gitCommit 1199b33). Supersedes
+    // 0x2716B12832DED0EF5688519c5Fe069EFc0374E02 (SAIL-405 redeploy).
+    // allowlistBootstrapped=true, zero fees, 48h timelock.
     chainId: 42161,
-    blockNumber: 25244824,
-    deployer: "0xB01dCE443d052e44b7D13726c0EC9fFB7f5815B6",
-    governance: "0xd6AbB7A1036ADc7958Abffec9Da03450c5a2Ec8e",
-    timelock: "0x114CB7110C780f7E3a6093AfE0B52463a569857C",
-    kernel: "0x2716B12832DED0EF5688519c5Fe069EFc0374E02",
-    permissionFactory: "0x23681A8A4C9819D8EaB37E46B858da6F3c85E683",
-    standardFeePolicy: "0xAdfB986D48480bC67a7cF3751d30599161632e0D",
-    safeModuleEnabler: "0xabe2a6D03F592BC602cA1dBDCD885ba2493274f9",
-    treasury: "0xB01dCE443d052e44b7D13726c0EC9fFB7f5815B6",
+    blockNumber: 471736462,
+    deployer: CREATE2_TREASURY,
+    governance: CREATE2_GOVERNANCE,
+    timelock: CREATE2_TIMELOCK,
+    kernel: CREATE2_KERNEL,
+    mandateFactory: CREATE2_MANDATE_FACTORY,
+    standardFeePolicy: CREATE2_STANDARD_FEE_POLICY,
+    safeModuleEnabler: CREATE2_SAFE_MODULE_ENABLER,
+    treasury: CREATE2_TREASURY,
     maxPermissionFeeWei: 1000000000000000n,
     initialBaseFee: 0n,
     initialComplexityRate: 0n,
     dispatchModel: "selective",
-    // selective: verified on-chain DISPATCH_TYPEHASH 0xbe50c5391dcf9e08d11d2c30dbee822c14ad07af2ceb503c778d265801fb0e5c
     knownTemplates: [],
     standaloneTemplates: {}
   },
+  // ── Unichain mainnet ─────────────────────────────────────────────────────────
   130: {
-    // SAIL-406 deploy (2026-06-05, gitCommit 2c9e325): full protocol deploy on
-    // Unichain mainnet — core + the complete template suite (7 shared + 12
-    // standalone), all source-verified on uniscan.xyz. Genesis allowlist
-    // bootstrap (allowlistBootstrapped=true: Safe v1.4.1 factory, both
-    // singletons, SafeModuleEnabler, StandardFeePolicy, SafeProxy codehash
-    // 0xd7d408eb…fb4c), zero fees, onboarding live without the 48h timelock.
-    // First chain to ship permission templates against the kernel.
+    // CREATE2 deterministic deploy (2026-06-09, gitCommit 1199b33). Supersedes
+    // 0xD985029960a9B7C2E7E38e102C448b8b8539B156 (SAIL-406 deploy).
+    // NOTE: knownTemplates and standaloneTemplates from SAIL-406 were deployed
+    // against the old kernel 0xD985029... and are now invalid. They must be
+    // redeployed against the new kernel 0x02ABC1... and re-populated here.
     chainId: 130,
-    blockNumber: 49897206,
-    deployer: "0xB01dCE443d052e44b7D13726c0EC9fFB7f5815B6",
-    governance: "0xAb5C90ECfF2763f6f20f8E553E3b8778dD9C349A",
-    timelock: "0xd44FbBB37f01e235E0EE5386948F216d36D0CEf2",
-    kernel: "0xD985029960a9B7C2E7E38e102C448b8b8539B156",
-    permissionFactory: "0x8edDb62Aa49CeB837abf2653be2d93Ad9Fe6777D",
-    standardFeePolicy: "0x7bBA8BE3c01c972757aA4a230A00D58aB600A1F1",
-    safeModuleEnabler: "0xFE9227A9F2baf704060c604466df354a5A137b9B",
-    treasury: "0xB01dCE443d052e44b7D13726c0EC9fFB7f5815B6",
+    blockNumber: 50271704,
+    deployer: CREATE2_TREASURY,
+    governance: CREATE2_GOVERNANCE,
+    timelock: CREATE2_TIMELOCK,
+    kernel: CREATE2_KERNEL,
+    mandateFactory: CREATE2_MANDATE_FACTORY,
+    standardFeePolicy: CREATE2_STANDARD_FEE_POLICY,
+    safeModuleEnabler: CREATE2_SAFE_MODULE_ENABLER,
+    treasury: CREATE2_TREASURY,
     maxPermissionFeeWei: 1000000000000000n,
     initialBaseFee: 0n,
     initialComplexityRate: 0n,
     dispatchModel: "selective",
-    // selective: verified on-chain DISPATCH_TYPEHASH 0xbe50c5391dcf9e08d11d2c30dbee822c14ad07af2ceb503c778d265801fb0e5c
-    knownTemplates: [
-      {
-        address: "0xbD624eC67e2685872A60c0aF8F020727e20D096e",
-        kind: "SharedAMMLiquidityPermission",
-        chainId: 130,
-        label: "Shared AMM Liquidity",
-        description: "Bounded AMM liquidity provision/removal \u2014 enforces allowed pools and bounds."
-      },
-      {
-        address: "0x9d386605518FA81ff536b351ff055d26203229A9",
-        kind: "SharedApproveAndCallBatchPermission",
-        chainId: 130,
-        label: "Shared Approve-and-Call Batch",
-        description: "Bounded approve-then-call batch \u2014 enforces token, spender, and selector allowlists."
-      },
-      {
-        address: "0x948a9F9a6f2828E50f7e71bd569ba75A69da2BEb",
-        kind: "SharedBoundedBorrowPermission",
-        chainId: 130,
-        label: "Shared Bounded Borrow",
-        description: "Bounded borrow \u2014 enforces allowed markets and max borrow size."
-      },
-      {
-        address: "0xfD19fad56Ca3d6FaCd4279a2F84f09bef8967f6a",
-        kind: "SharedBoundedSwapPermission",
-        chainId: 130,
-        label: "Shared Uniswap V3 Swap",
-        description: "Bounded swap via Uniswap V3 \u2014 enforces allowed tokens, max trade size, and slippage."
-      },
-      {
-        address: "0x900cd03ee15e629bC4e94F6344d5529F4862071c",
-        kind: "SharedDeFiBundlePermission",
-        chainId: 130,
-        label: "Shared DeFi Bundle",
-        description: "Bounded multi-step DeFi bundle within a single permission."
-      },
-      {
-        address: "0x1dF90a2484bCF3c6Da2FB035aa0C9f523e77Cd62",
-        kind: "SharedPendlePermission",
-        chainId: 130,
-        label: "Shared Pendle",
-        description: "Bounded Pendle interactions \u2014 enforces allowed markets and bounds."
-      },
-      {
-        address: "0x851Ad196b7DC6c05eaf0B9420f2a72dc336D7739",
-        kind: "SharedTransferTargetPermission",
-        chainId: 130,
-        label: "Shared Transfer Target",
-        description: "Allows transfers only to a pre-approved target address."
-      }
-    ],
-    standaloneTemplates: {
-      // EIP-1167 clone LOGIC addresses — the `impl` argument to
-      // PermissionFactory.deployAndAttach(account, impl, salt, initData). A clone
-      // is created and configured per account via its initialize(...).
-      azuroPrediction: "0xd48cdBB25bF0A214dEffECac3c9431650834b046",
-      boundedApprove: "0xbF7089A905081054c9dA628707f2e1EF70A7F300",
-      boundedBorrow: "0x17D466309C7E0237960f68126Cc4A109D194ac28",
-      boundedDeposit: "0xf49E304EDf806AF46E8f17740e56C1CBFad5d264",
-      boundedLiFi: "0x6a0171013FeD6B2Eda16A4dd4DB33Fa34b7F3e3f",
-      boundedSwap: "0x06696F9dd4bD0994f55b075600627Dc6E54635c9",
-      boundedWithdraw: "0xE207CfC8c2204b15ee5fD22B79472929706c7E4b",
-      gmxPerp: "0xB1bb967aC11D61C0599c8458D9B950461db5D4E9",
-      gainsNetworkPerp: "0x1297673f71A9be02bc876Dbd0ceaB3c96D268bE3",
-      limitlessPrediction: "0x2bE4280d8816626e1dea4E94A83d9334A971AF90",
-      synthetixPerp: "0x711a70B16D013a9B96Bd6733F4b3097e5787f860",
-      transferTarget: "0x8428155b6b9eea4E78b9a52c2312752eD04Baf16"
-    }
+    // Templates cleared: the SAIL-406 shared + standalone templates were deployed
+    // against the old kernel (0xD985029...) and are invalid against the new one.
+    // Re-populate after redeploying templates against 0x02ABC1...
+    knownTemplates: [],
+    standaloneTemplates: {}
+  },
+  // ── Base Sepolia (testnet) ───────────────────────────────────────────────────
+  84532: {
+    // CREATE2 deterministic deploy (2026-06-09, gitCommit 1199b33). Supersedes
+    // 0xf1D0F4C9893612627409948BAa9d82a01a373799 (SAIL-405 redeploy).
+    // allowlistBootstrapped=true, zero fees, 48h timelock.
+    chainId: 84532,
+    blockNumber: 42625843,
+    deployer: CREATE2_TREASURY,
+    governance: CREATE2_GOVERNANCE,
+    timelock: CREATE2_TIMELOCK,
+    kernel: CREATE2_KERNEL,
+    mandateFactory: CREATE2_MANDATE_FACTORY,
+    standardFeePolicy: CREATE2_STANDARD_FEE_POLICY,
+    safeModuleEnabler: CREATE2_SAFE_MODULE_ENABLER,
+    treasury: CREATE2_TREASURY,
+    maxPermissionFeeWei: 1000000000000000n,
+    initialBaseFee: 0n,
+    initialComplexityRate: 0n,
+    dispatchModel: "selective",
+    knownTemplates: [],
+    standaloneTemplates: {}
+  },
+  // ── Eth Sepolia (testnet) ────────────────────────────────────────────────────
+  11155111: {
+    // CREATE2 deterministic deploy (2026-06-09, gitCommit 1199b33).
+    // allowlistBootstrapped=true, zero fees, 48h timelock.
+    chainId: 11155111,
+    blockNumber: 11023571,
+    deployer: CREATE2_TREASURY,
+    governance: CREATE2_GOVERNANCE,
+    timelock: CREATE2_TIMELOCK,
+    kernel: CREATE2_KERNEL,
+    mandateFactory: CREATE2_MANDATE_FACTORY,
+    standardFeePolicy: CREATE2_STANDARD_FEE_POLICY,
+    safeModuleEnabler: CREATE2_SAFE_MODULE_ENABLER,
+    treasury: CREATE2_TREASURY,
+    maxPermissionFeeWei: 1000000000000000n,
+    initialBaseFee: 0n,
+    initialComplexityRate: 0n,
+    dispatchModel: "selective",
+    knownTemplates: [],
+    standaloneTemplates: {}
   }
 };
 function getSailDeployment(chainId) {
@@ -38141,6 +38120,68 @@ var baseSepoliaPreconf = /* @__PURE__ */ defineChain({
   }
 });
 
+// ../../node_modules/.pnpm/viem@2.51.3_bufferutil@4.1.0_typescript@5.9.3_utf-8-validate@5.0.10_zod@4.4.3/node_modules/viem/_esm/chains/definitions/mainnet.js
+init_defineChain();
+var mainnet = /* @__PURE__ */ defineChain({
+  id: 1,
+  name: "Ethereum",
+  nativeCurrency: { name: "Ether", symbol: "ETH", decimals: 18 },
+  blockTime: 12e3,
+  rpcUrls: {
+    default: {
+      http: ["https://eth.merkle.io"]
+    }
+  },
+  blockExplorers: {
+    default: {
+      name: "Etherscan",
+      url: "https://etherscan.io",
+      apiUrl: "https://api.etherscan.io/api"
+    }
+  },
+  contracts: {
+    ensUniversalResolver: {
+      address: "0xeeeeeeee14d718c2b47d9923deab1335e144eeee",
+      blockCreated: 23085558
+    },
+    multicall3: {
+      address: "0xca11bde05977b3631167028862be2a173976ca11",
+      blockCreated: 14353601
+    }
+  }
+});
+
+// ../../node_modules/.pnpm/viem@2.51.3_bufferutil@4.1.0_typescript@5.9.3_utf-8-validate@5.0.10_zod@4.4.3/node_modules/viem/_esm/chains/definitions/sepolia.js
+init_defineChain();
+var sepolia = /* @__PURE__ */ defineChain({
+  id: 11155111,
+  name: "Sepolia",
+  nativeCurrency: { name: "Sepolia Ether", symbol: "ETH", decimals: 18 },
+  rpcUrls: {
+    default: {
+      http: ["https://11155111.rpc.thirdweb.com"]
+    }
+  },
+  blockExplorers: {
+    default: {
+      name: "Etherscan",
+      url: "https://sepolia.etherscan.io",
+      apiUrl: "https://api-sepolia.etherscan.io/api"
+    }
+  },
+  contracts: {
+    multicall3: {
+      address: "0xca11bde05977b3631167028862be2a173976ca11",
+      blockCreated: 751532
+    },
+    ensUniversalResolver: {
+      address: "0xeeeeeeee14d718c2b47d9923deab1335e144eeee",
+      blockCreated: 8928790
+    }
+  },
+  testnet: true
+});
+
 // ../../node_modules/.pnpm/viem@2.51.3_bufferutil@4.1.0_typescript@5.9.3_utf-8-validate@5.0.10_zod@4.4.3/node_modules/viem/_esm/chains/definitions/unichain.js
 init_defineChain();
 var sourceId3 = 1;
@@ -38339,25 +38380,29 @@ async function promptHidden(question) {
 
 // src/lib/chain.ts
 var CHAINS = {
+  1: mainnet,
   8453: base,
-  84532: baseSepolia,
   42161: arbitrum,
-  130: unichain
+  130: unichain,
+  84532: baseSepolia,
+  11155111: sepolia
 };
 function getChainById(chainId) {
   const chain2 = CHAINS[chainId];
   if (!chain2) {
     throw new Error(
-      `Unsupported chainId: ${chainId}. Supported: 8453 (Base), 84532 (Base Sepolia), 42161 (Arbitrum), 130 (Unichain)`
+      `Unsupported chainId: ${chainId}. Supported: 1 (Ethereum), 8453 (Base), 42161 (Arbitrum), 130 (Unichain), 84532 (Base Sepolia), 11155111 (Eth Sepolia)`
     );
   }
   return chain2;
 }
 var RPC_ENV_VARS = {
+  1: "ETH_MAINNET_RPC_URL",
   8453: "BASE_RPC_URL",
-  84532: "BASE_SEPOLIA_RPC_URL",
   42161: "ARBITRUM_RPC_URL",
-  130: "UNICHAIN_RPC_URL"
+  130: "UNICHAIN_RPC_URL",
+  84532: "BASE_SEPOLIA_RPC_URL",
+  11155111: "SEPOLIA_RPC_URL"
 };
 function getRpcUrl(chainId) {
   const env = parseEnvFile(sailPath(".env.local"));
@@ -38443,2054 +38488,2312 @@ async function loadAnySigner() {
   throw new Error('No signing key found.\nRun "sailor keys generate" first.');
 }
 
-// src/lib/state.ts
+// src/lib/packagePaths.ts
 var import_node_fs3 = __toESM(require("node:fs"), 1);
 var import_node_path2 = __toESM(require("node:path"), 1);
+function cliDistDir() {
+  try {
+    return import_node_path2.default.dirname(import_node_fs3.default.realpathSync(process.argv[1]));
+  } catch {
+    return import_node_path2.default.dirname(import_node_path2.default.resolve(process.argv[1]));
+  }
+}
+function packageRoot() {
+  let dir = cliDistDir();
+  let firstBinMatch = null;
+  for (let depth = 0; depth < 6; depth++) {
+    const pkgFile = import_node_path2.default.join(dir, "package.json");
+    if (import_node_fs3.default.existsSync(pkgFile)) {
+      try {
+        const pkg = JSON.parse(import_node_fs3.default.readFileSync(pkgFile, "utf-8"));
+        if (pkg.bin?.sailor) {
+          if (firstBinMatch === null) firstBinMatch = dir;
+          if (import_node_fs3.default.existsSync(import_node_path2.default.join(dir, "templates"))) return dir;
+        }
+      } catch {
+      }
+    }
+    const parent = import_node_path2.default.dirname(dir);
+    if (parent === dir) break;
+    dir = parent;
+  }
+  return firstBinMatch ?? import_node_path2.default.resolve(cliDistDir(), "../../..");
+}
+function projectPort(projectRoot) {
+  const hash3 = [...projectRoot].reduce((h, c) => (h << 5) - h + c.charCodeAt(0) >>> 0, 0);
+  return 3333 + hash3 % 667;
+}
+
+// src/lib/state.ts
+var import_node_fs4 = __toESM(require("node:fs"), 1);
+var import_node_path3 = __toESM(require("node:path"), 1);
 function upsertAccountInList(account2, name, baseSailDir = sailDir()) {
-  const accountsPath = import_node_path2.default.join(baseSailDir, "state", "accounts.json");
+  const accountsPath = import_node_path3.default.join(baseSailDir, "state", "accounts.json");
   let accounts = [];
   try {
-    accounts = JSON.parse(import_node_fs3.default.readFileSync(accountsPath, "utf-8"));
+    accounts = JSON.parse(import_node_fs4.default.readFileSync(accountsPath, "utf-8"));
   } catch {
     try {
       const prev = JSON.parse(
-        import_node_fs3.default.readFileSync(import_node_path2.default.join(baseSailDir, "account.json"), "utf-8")
+        import_node_fs4.default.readFileSync(import_node_path3.default.join(baseSailDir, "account.json"), "utf-8")
       );
       if (prev?.safe) accounts.push({ ...prev, name: "SMA 1", addedAt: null });
     } catch {
     }
   }
-  if (!accounts.find((a) => a.safe.toLowerCase() === account2.safe.toLowerCase())) {
+  const idx = accounts.findIndex((a) => a.safe.toLowerCase() === account2.safe.toLowerCase());
+  if (idx === -1) {
     accounts.push({
       ...account2,
       name: name ?? `SMA ${accounts.length + 1}`,
       addedAt: nowIso()
     });
+  } else {
+    accounts[idx] = { ...accounts[idx], ...account2 };
   }
-  import_node_fs3.default.mkdirSync(import_node_path2.default.join(baseSailDir, "state"), { recursive: true });
-  import_node_fs3.default.writeFileSync(accountsPath, `${JSON.stringify(accounts, null, 2)}
+  import_node_fs4.default.mkdirSync(import_node_path3.default.join(baseSailDir, "state"), { recursive: true });
+  import_node_fs4.default.writeFileSync(accountsPath, `${JSON.stringify(accounts, null, 2)}
 `);
 }
 
-// src/commands/account.ts
-function resolveChain(chainId) {
-  try {
-    return getChain(chainId);
-  } catch {
-    throw new Error(
-      `Chain ${chainId} is not yet configured in @sail/chains.
-The SailKernel and mandate-factory addresses for this chain are unknown,
-so an account cannot be created yet. Add the chain to @sail/chains once
-SailKernel is deployed there.`
-    );
+// src/signing/client.ts
+var import_node_fs6 = require("node:fs");
+var import_node_path5 = require("node:path");
+
+// src/signing/server.ts
+var import_node_crypto2 = require("node:crypto");
+var import_node_fs5 = require("node:fs");
+var import_node_http = require("node:http");
+var import_node_net = require("node:net");
+var import_node_path4 = require("node:path");
+
+// ../../node_modules/.pnpm/ws@8.21.0_bufferutil@4.1.0_utf-8-validate@5.0.10/node_modules/ws/wrapper.mjs
+var import_stream2 = __toESM(require_stream2(), 1);
+var import_extension2 = __toESM(require_extension2(), 1);
+var import_permessage_deflate2 = __toESM(require_permessage_deflate2(), 1);
+var import_receiver2 = __toESM(require_receiver2(), 1);
+var import_sender2 = __toESM(require_sender2(), 1);
+var import_subprotocol2 = __toESM(require_subprotocol2(), 1);
+var import_websocket2 = __toESM(require_websocket2(), 1);
+var import_websocket_server2 = __toESM(require_websocket_server2(), 1);
+
+// src/signing/server.ts
+var DEFAULT_SIGNING_PORT = 3141;
+var RUNTIME_SUBDIR = (0, import_node_path4.join)(".sail", "runtime");
+var SERVER_STATE_FILE = "server.json";
+var REQUEST_SECRET_HEADER = "x-sailor-secret";
+var MIME = {
+  ".html": "text/html; charset=utf-8",
+  ".js": "application/javascript",
+  ".mjs": "application/javascript",
+  ".css": "text/css",
+  ".svg": "image/svg+xml",
+  ".png": "image/png",
+  ".ico": "image/x-icon",
+  ".json": "application/json",
+  ".woff": "font/woff",
+  ".woff2": "font/woff2"
+};
+function findUiDist() {
+  const candidates = [
+    // Installed package (any scope): walk up to package root via bin.sailor marker
+    (0, import_node_path4.join)(packageRoot(), "packages", "ui", "dist"),
+    // Monorepo dev via tsx run from the repo root
+    (0, import_node_path4.join)(process.cwd(), "packages", "ui", "dist"),
+    (0, import_node_path4.join)(process.cwd(), "..", "ui", "dist")
+  ];
+  for (const c of candidates) {
+    if ((0, import_node_fs5.existsSync)((0, import_node_path4.join)(c, "index.html"))) return c;
   }
+  return null;
 }
-async function accountCreate() {
-  if (!keyExists("manager")) {
-    throw new Error(
-      'No agent wallet found.\nRun "sailor keys generate" and choose "agent wallet" first.'
-    );
+var RESULT_LONGPOLL_MS = 25e3;
+var SigningServer = class {
+  /** This channel owns the server in-process (see SigningChannel). */
+  remote = false;
+  projectRoot;
+  runtimeDir;
+  port;
+  _url = "";
+  pending = /* @__PURE__ */ new Map();
+  results = /* @__PURE__ */ new Map();
+  resultWaiters = /* @__PURE__ */ new Map();
+  clients = /* @__PURE__ */ new Set();
+  httpServer = null;
+  wss = null;
+  _connectedWallet;
+  walletListeners = [];
+  uiDist;
+  /**
+   * Whether to publish .sail/runtime/server.json (the daemon-discovery hint).
+   * The persistent daemon (`sailor station start`) advertises; ephemeral
+   * per-command servers do not, so they never clobber a running daemon's state
+   * on a discovery race. The browser UI finds servers by port-probing anyway.
+   */
+  advertise;
+  /** Random secret generated at startup. Required on POST /requests to prevent
+   *  cross-origin pages from injecting signing requests. */
+  requestSecret = "";
+  constructor(opts = {}) {
+    this.projectRoot = opts.projectRoot ?? process.cwd();
+    this.runtimeDir = (0, import_node_path4.join)(this.projectRoot, RUNTIME_SUBDIR);
+    this.port = opts.port ?? DEFAULT_SIGNING_PORT;
+    this.uiDist = opts.uiDist ?? findUiDist();
+    this.advertise = opts.advertise ?? true;
   }
-  const env = parseEnvFile(sailPath(".env.local"));
-  const rpcUrl = env["RPC_URL"] ?? process.env["RPC_URL"];
-  const chainIdRaw = env["CHAIN_ID"] ?? process.env["CHAIN_ID"];
-  if (!rpcUrl || !chainIdRaw) {
-    throw new Error(
-      "RPC_URL and CHAIN_ID must be set in .sail/.env.local.\nCreate that file with, for example:\n  RPC_URL=https://your-rpc-endpoint\n  CHAIN_ID=8453"
-    );
+  get url() {
+    return this._url;
   }
-  const chainId = Number(chainIdRaw);
-  if (Number.isNaN(chainId)) {
-    throw new Error(`Invalid CHAIN_ID: "${chainIdRaw}" \u2014 must be a number.`);
+  get wsUrl() {
+    return this._url.replace("http://", "ws://");
   }
-  const chain2 = resolveChain(chainId);
-  console.log(`Chain ${chainId} (${chain2.name})`);
-  console.log(`  SailKernel:      ${checksum4(chain2.kernel)}`);
-  console.log(`  Mandate factory: ${checksum4(chain2.mandateFactory)}
-`);
-  const manager = await loadKeyring("manager");
-  const managerAddr = checksum4(manager.address);
-  const safeFactory = await promptAddress("Safe factory address");
-  const safeSingleton = await promptAddress("Safe singleton address");
-  const owner2 = await promptAddress("Owner (EOA) address", managerAddr);
-  const permissionSigner = await promptAddress("Mandate signer address", managerAddr);
-  const feePolicy = await prompt("Fee policy", "none");
-  console.log("\nCreating SMA with:");
-  console.log(`  Owner:           ${owner2}`);
-  console.log(`  Agent wallet:    ${managerAddr}`);
-  console.log(`  Mandate signer:  ${permissionSigner}`);
-  console.log(`  Safe factory:    ${safeFactory}`);
-  console.log(`  Safe singleton:  ${safeSingleton}`);
-  console.log(`  Fee policy:      ${feePolicy}`);
-  const client = makeClient(chainId);
-  try {
-    const account2 = await client.account.create({
-      owner: owner2,
-      permissionSigner,
-      manager: managerAddr,
-      chainId
-    });
-    const stored = {
-      safe: checksum4(account2.safe),
-      owner: checksum4(account2.owner),
-      permissionSigner: checksum4(account2.permissionSigner),
-      manager: checksum4(account2.manager),
-      chainId: account2.chainId,
-      createdAtBlock: account2.createdAtBlock.toString()
-    };
-    upsertAccountInList(stored);
-    writeJsonFile(sailPath("account.json"), stored);
-    console.log(`
-SMA created. Address: ${stored.safe}`);
-    console.log("Saved to .sail/account.json");
-  } catch (err) {
-    if (err.message === "not implemented") {
-      console.log(
-        "\nOn-chain account creation is not wired up in this build yet \u2014\nclient.account.create is a stub until SailKernel is deployed and the\nSDK is connected. Nothing was created on-chain."
-      );
-      return;
-    }
-    throw err;
+  get isRunning() {
+    return this.httpServer?.listening ?? false;
   }
-}
-var SAIL_MAINNET_CHAINS = [8453, 42161, 130];
-async function fetchProxyCreationCode(preferredChainId) {
-  const rpcUrl = getRpcUrl(preferredChainId) ?? void 0;
-  const publicClient = createPublicClient({
-    chain: getChainById(preferredChainId),
-    transport: http(rpcUrl)
-  });
-  return await publicClient.readContract({
-    address: SAFE_V141.proxyFactory,
-    abi: safeProxyFactoryAbi,
-    functionName: "proxyCreationCode"
-  });
-}
-async function accountPredict(options) {
-  const stored = readJsonFile(sailPath("account.json"));
-  let ownerAddr;
-  if (options.owner) {
-    if (!isAddress(options.owner, { strict: false })) {
-      throw new Error(`Invalid --owner address: ${options.owner}`);
-    }
-    ownerAddr = getAddress(options.owner);
-  } else {
-    if (!stored?.owner) {
-      throw new Error(
-        "No owner found in .sail/account.json. Pass --owner <address> or run sailor onboard first."
+  async start() {
+    this.port = await findAvailablePort(this.port);
+    this._url = `http://localhost:${this.port}`;
+    this.requestSecret = (0, import_node_crypto2.randomBytes)(16).toString("hex");
+    const http2 = (0, import_node_http.createServer)((req, res) => this.handleHttp(req, res));
+    this.wss = new import_websocket_server2.default({ server: http2 });
+    this.wss.on("connection", (ws, req) => {
+      const params = new URL(req.url ?? "/", this._url).searchParams;
+      if (params.get("secret") !== this.requestSecret) {
+        ws.close(1008, "Unauthorized");
+        return;
+      }
+      this.handleConnection(ws);
+    });
+    await new Promise((res, rej) => {
+      http2.listen(this.port, "127.0.0.1", res);
+      http2.once("error", rej);
+    });
+    this.httpServer = http2;
+    if (this.advertise) this.writeRuntimeState();
+    process.once("SIGINT", () => this.stop());
+    process.once("SIGTERM", () => this.stop());
+  }
+  stop() {
+    for (const [id, entry] of this.pending) {
+      clearTimeout(entry.timer);
+      this.recordResult(
+        { status: "rejected", requestId: id, reason: "Signing server stopped" },
+        entry.request
       );
     }
-    ownerAddr = getAddress(stored.owner);
-  }
-  let managerAddr;
-  if (options.manager) {
-    if (!isAddress(options.manager, { strict: false })) {
-      throw new Error(`Invalid --manager address: ${options.manager}`);
+    this.pending.clear();
+    for (const ws of this.clients) {
+      try {
+        ws.close();
+      } catch {
+      }
     }
-    managerAddr = getAddress(options.manager);
-  } else if (stored?.manager) {
-    managerAddr = getAddress(stored.manager);
-  } else {
-    throw new Error(
-      "The predicted address depends on the agent (manager) wallet, which is mixed into the kernel's CREATE2 salt.\nPass --manager <agent address> (create one first with `sailor keys`), or run after onboarding so it can be read from .sail/account.json."
-    );
+    this.clients.clear();
+    this.wss?.close();
+    this.httpServer?.close();
+    this.httpServer = null;
+    if (this.advertise) this.removeRuntimeState();
   }
-  const saltNonce = options.salt != null ? BigInt(options.salt) : 0n;
-  let chainIds;
-  if (options.chain) {
-    const chainId = Number(options.chain);
-    if (!(chainId in sailDeployments)) {
-      throw new Error(
-        `Chain ${chainId} has no Sail Protocol deployment. Supported: ${Object.keys(sailDeployments).join(", ")}`
-      );
-    }
-    chainIds = [chainId];
-  } else {
-    chainIds = SAIL_MAINNET_CHAINS;
+  get connectedWallet() {
+    return this._connectedWallet;
   }
-  const firstChain = chainIds[0];
-  const proxyCreationCode = await fetchProxyCreationCode(firstChain);
-  const results = chainIds.map((chainId) => {
-    const deployment = sailDeployments[chainId];
-    const viemChain = getChainById(chainId);
-    const initializer = buildSafeSetupInitializer({
-      owners: [ownerAddr],
-      threshold: 1n,
-      kernel: deployment.kernel,
-      safeModuleEnabler: deployment.safeModuleEnabler
-    });
-    const predictedAddress = computeSailSmaAddress({
-      initializer,
-      saltNonce,
-      deployer: ownerAddr,
-      permissionSigner: ownerAddr,
-      manager: managerAddr,
-      feePolicy: deployment.standardFeePolicy,
-      proxyCreationCode
+  /**
+   * Resolves as soon as a wallet connects (or immediately if one already is).
+   * The CLI calls this before building calldata that needs the owner's address.
+   */
+  waitForWallet(timeoutMs = 5 * 60 * 1e3) {
+    if (this._connectedWallet) return Promise.resolve(this._connectedWallet);
+    return new Promise((res, rej) => {
+      const timer = setTimeout(
+        () => rej(new Error("Timed out waiting for wallet connection in the signing UI")),
+        timeoutMs
+      );
+      this.walletListeners.push((addr) => {
+        clearTimeout(timer);
+        res(addr);
+      });
     });
-    return {
-      chainId,
-      name: viemChain.name,
-      predictedAddress,
-      kernel: deployment.kernel,
-      safeModuleEnabler: deployment.safeModuleEnabler
-    };
-  });
-  const uniqueAddresses = new Set(results.map((r) => r.predictedAddress.toLowerCase()));
-  const allSame = uniqueAddresses.size === 1;
-  if (options.json) {
-    console.log(
-      JSON.stringify(
-        {
-          salt: saltNonce.toString(),
-          owner: ownerAddr,
-          manager: managerAddr,
-          chains: results.map(({ chainId, name, predictedAddress }) => ({
-            chainId,
-            name,
-            predictedAddress
-          })),
-          allSame,
-          note: allSame ? "All chains produce the same address with this salt, owner, and manager." : "Addresses differ per chain because the kernel salt binds the chain-specific fee policy and the Safe initializer encodes chain-specific contract addresses (kernel, safeModuleEnabler). Cross-chain same-address requires deterministic protocol deployment or a registerExisting() flow."
-        },
-        null,
-        2
-      )
-    );
-    return;
-  }
-  console.log("\nPredicted Safe addresses");
-  console.log(`  Owner:   ${ownerAddr}`);
-  console.log(`  Manager: ${managerAddr}`);
-  console.log(`  Salt:    ${saltNonce}`);
-  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
-  for (const { chainId, name, predictedAddress } of results) {
-    console.log(`  ${name.padEnd(14)} (${String(chainId).padEnd(5)}):  ${predictedAddress}`);
   }
-  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
-  if (allSame) {
-    console.log("\u2713 All chains produce the same address.");
-  } else {
-    console.log("\n\u26A0  Addresses differ across chains.");
-    console.log(
-      "   Root cause: SailKernel.createAccount binds the CREATE2 salt as\n   keccak256(saltNonce, deployer, permissionSigner, manager, feePolicy),\n   then SafeProxyFactory derives the address from that bound salt and the\n   Safe initializer. Both the fee policy and the initializer (kernel,\n   safeModuleEnabler) are chain-specific, so each chain yields a different\n   address even with the same owner, manager, and salt.\n\n   For cross-chain same-address the Sail Protocol needs one of:\n   A) Deterministic (CREATE2) deployment of kernel + safeModuleEnabler +\n      fee policy so they land at the same address on every chain.\n   B) A registerExisting() path allowing a plain Safe (deployed with a\n      chain-agnostic initializer) to be registered with the kernel."
-    );
+  /**
+   * Enqueue a signing request and broadcast it to the UI. Returns the full
+   * request (with generated id). Used by both the in-process path and the HTTP
+   * control plane (POST /requests).
+   */
+  enqueue(req, timeoutMs = 10 * 60 * 1e3) {
+    const id = `req_${Date.now()}_${(0, import_node_crypto2.randomBytes)(6).toString("hex")}`;
+    const request = { ...req, id, createdAt: Date.now() };
+    const timer = setTimeout(() => {
+      if (this.pending.has(id)) {
+        this.pending.delete(id);
+        this.recordResult(
+          {
+            status: "rejected",
+            requestId: id,
+            reason: `timed out after ${timeoutMs / 1e3}s`
+          },
+          request
+        );
+      }
+    }, timeoutMs);
+    this.pending.set(id, { request, timer });
+    this.broadcast({ type: "request", request });
+    return request;
   }
-  console.log(`
-To deploy on this chain: sailor onboard --new-sma --salt ${saltNonce}`);
-}
-
-// src/lib/output.ts
-function emit(json, human, payload) {
-  if (json) {
-    console.log(JSON.stringify(payload));
-  } else {
-    human();
+  /**
+   * Resolve once a result for `id` is available (immediately if already
+   * resolved). Resolves to `null` if `timeoutMs` elapses first.
+   */
+  waitForResult(id, timeoutMs) {
+    const existing = this.results.get(id);
+    if (existing) return Promise.resolve(existing);
+    return new Promise((res) => {
+      const timer = setTimeout(() => {
+        this.resultWaiters.get(id)?.delete(waiter);
+        res(null);
+      }, timeoutMs);
+      const waiter = (r) => {
+        clearTimeout(timer);
+        res(r);
+      };
+      if (!this.resultWaiters.has(id)) this.resultWaiters.set(id, /* @__PURE__ */ new Set());
+      this.resultWaiters.get(id)?.add(waiter);
+    });
   }
-}
-
-// src/lib/project.ts
-init_esm2();
-function nonEmpty(value) {
-  return typeof value === "string" && value.trim().length > 0;
-}
-var ProjectContext = class {
-  config;
-  chainId;
-  deployment;
-  contracts;
-  constructor() {
-    const cfg = readJsonFile(sailPath("config.json"));
-    if (!cfg) {
-      throw new Error('No Sailor project found here. Run "sailor init" first.');
+  /** Push a signing request to the UI and await the user's response (in-process). */
+  async requestSignature(req, timeoutMs = 10 * 60 * 1e3) {
+    const request = this.enqueue(req, timeoutMs);
+    const result = await this.waitForResult(request.id, timeoutMs + 2e3);
+    if (!result) {
+      throw new Error(`Signing request "${request.title}" timed out after ${timeoutMs / 1e3}s`);
     }
-    this.config = cfg;
-    this.chainId = cfg.chainId ?? 8453;
-    this.deployment = getSailDeployment(this.chainId);
-    const overrides = cfg.contracts ?? {};
-    this.contracts = {
-      chainId: this.chainId,
-      kernel: getAddress(nonEmpty(overrides.kernel) ? overrides.kernel : this.deployment.kernel),
-      governance: getAddress(
-        nonEmpty(overrides.governance) ? overrides.governance : this.deployment.governance
-      ),
-      standardFeePolicy: getAddress(
-        nonEmpty(overrides.standardFeePolicy) ? overrides.standardFeePolicy : this.deployment.standardFeePolicy
-      ),
-      safeModuleEnabler: getAddress(
-        nonEmpty(overrides.safeModuleEnabler) ? overrides.safeModuleEnabler : this.deployment.safeModuleEnabler
-      ),
-      permissionFactory: getAddress(
-        nonEmpty(overrides.permissionFactory) ? overrides.permissionFactory : this.deployment.permissionFactory
-      )
-    };
-  }
-  static exists() {
-    return fileExists(sailPath("config.json"));
-  }
-  get name() {
-    return this.config.name ?? "sailor-agent";
-  }
-  // ── Owner persistence (.sail/state/owner.json) ──────────────────────────────
-  getOwner() {
-    const state = readJsonFile(sailPath("state", "owner.json"));
-    if (state?.owner) return getAddress(state.owner);
-    const account2 = readJsonFile(sailPath("account.json"));
-    return account2?.owner ? getAddress(account2.owner) : null;
+    return result;
   }
-  setOwner(owner2) {
-    writeJsonFile(sailPath("state", "owner.json"), {
-      owner: getAddress(owner2),
-      chainId: this.chainId,
-      connectedAt: (/* @__PURE__ */ new Date()).toISOString()
-    });
+  recordResult(response, request) {
+    const id = response.requestId;
+    if (this.results.has(id)) return;
+    this.results.set(id, response);
+    const waiters2 = this.resultWaiters.get(id);
+    if (waiters2) {
+      for (const w of waiters2) w(response);
+      this.resultWaiters.delete(id);
+    }
+    this.broadcast({ type: "request-resolved", requestId: id });
+    setTimeout(() => this.results.delete(id), 10 * 60 * 1e3).unref?.();
+    this.logOwnerActivity(response, request);
   }
-};
-async function loadManagerSigner2() {
-  if (!process.env.SAIL_PASSPHRASE) {
+  /**
+   * Append the owner's signing decision to the unified activity log. This is
+   * the single place every owner action lands — whether the request was
+   * approved (a signed tx or an off-chain EIP-712 signature) or rejected — so
+   * the dashboard's Recent Activity can show what the owner did, alongside the
+   * agent's dispatches. We only log when the originating request is known
+   * (its `kind`/`title` give the event meaning); a bare result with no request
+   * carries nothing worth showing.
+   */
+  logOwnerActivity(response, request) {
+    if (!request) return;
+    const base2 = {
+      ts: nowIso(),
+      actor: "owner",
+      kind: request.kind,
+      title: request.title,
+      chainId: request.chainId
+    };
+    let event;
+    if (response.status === "signed") {
+      event = { ...base2, type: "owner_signed", txHash: response.txHash };
+    } else if (response.status === "signature") {
+      event = { ...base2, type: "owner_signed", offchain: true };
+    } else {
+      event = { ...base2, type: "owner_rejected", reason: response.reason };
+    }
     try {
-      const env = parseEnvFile(sailPath(".env.local"));
-      if (env.SAIL_PASSPHRASE) process.env.SAIL_PASSPHRASE = env.SAIL_PASSPHRASE;
+      appendActivity(event, (0, import_node_path4.join)(this.projectRoot, ".sail"));
     } catch {
     }
   }
-  const passphrase = process.env.SAIL_PASSPHRASE;
-  if (passphrase) {
-    const keystore = readJsonFile(keyPath("manager"));
-    if (!keystore) {
-      throw new Error('No manager key found.\nRun "sailor keys generate" and choose "manager".');
-    }
-    return LocalKeyring.fromKeystore(keystore, passphrase);
+  /** Path to `<projectRoot>/.sail/<...segments>`. */
+  sailFile(...segments) {
+    return (0, import_node_path4.join)(this.projectRoot, ".sail", ...segments);
   }
-  return loadKeyring("manager");
-}
-
-// src/commands/capabilities.ts
-function chainName(chainId) {
-  try {
-    return getChainById(chainId).name;
-  } catch {
-    return `Chain ${chainId}`;
+  /** Stream a JSON file back, or a fallback body when it is missing/invalid. */
+  sendJsonFile(res, filePath, fallback2) {
+    try {
+      const raw = (0, import_node_fs5.readFileSync)(filePath, "utf-8");
+      JSON.parse(raw);
+      res.writeHead(200, { "Content-Type": "application/json" });
+      res.end(raw);
+    } catch {
+      res.writeHead(fallback2.status, { "Content-Type": "application/json" });
+      res.end(JSON.stringify(fallback2.body));
+    }
   }
-}
-async function capabilities(options = {}) {
-  const project = new ProjectContext();
-  const chainId = project.chainId;
-  const kernel = project.contracts.kernel;
-  const deployment = getSailDeployment(chainId);
-  const rpcUrl = getRpcUrl(chainId) ?? getChainById(chainId).rpcUrls.default.http[0];
-  let dispatchModel = deployment.dispatchModel;
-  let modelSource = "static-hint";
-  try {
-    const caps = await new SailorClient({ chainId, rpcUrl, kernel }).capabilities();
-    dispatchModel = caps.dispatchModel;
-    modelSource = caps.source;
-  } catch {
+  /**
+   * Persist a Safe deployed/imported from the dashboard. Mirrors the UI data
+   * server's `POST /api/account` (packages/ui/server.js): upsert the SMA into
+   * `state/accounts.json` (so the account switcher and the agent see it) BEFORE
+   * overwriting `account.json` with the new active SMA — the upsert backfills
+   * from the previously-active account.json, so writing it first would drop the
+   * prior SMA.
+   */
+  handleSaveAccount(req, res) {
+    this.readBody(req).then((body) => {
+      const parsed = body ? JSON.parse(body) : {};
+      const { safe, owner: owner2, permissionSigner, manager, chainId, createdAtBlock } = parsed;
+      if (!safe || !owner2 || !chainId) {
+        res.writeHead(400, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "safe, owner, and chainId are required" }));
+        return;
+      }
+      const record = {
+        safe,
+        owner: owner2,
+        permissionSigner: permissionSigner ?? owner2,
+        manager: manager ?? owner2,
+        chainId,
+        createdAtBlock: createdAtBlock ?? "0"
+      };
+      const baseSailDir = this.sailFile();
+      upsertAccountInList(record, void 0, baseSailDir);
+      (0, import_node_fs5.mkdirSync)(baseSailDir, { recursive: true });
+      (0, import_node_fs5.writeFileSync)(this.sailFile("account.json"), `${JSON.stringify(record, null, 2)}
+`);
+      res.writeHead(200, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ ok: true }));
+    }).catch((err) => {
+      res.writeHead(500, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ error: err instanceof Error ? err.message : String(err) }));
+    });
   }
-  const cloneTemplates = (deployment.cloneTemplates ?? []).map((t) => ({
-    key: t.key,
-    kind: t.kind,
-    label: t.label,
-    description: t.description,
-    address: t.address,
-    initParams: t.initParams
-  }));
-  const knownTemplates = (deployment.knownTemplates ?? []).map((t) => ({
-    kind: t.kind,
-    label: t.label,
-    description: t.description,
-    address: t.address
-  }));
-  const bareTemplates = Object.keys(deployment.standaloneTemplates ?? {}).filter(
-    (k) => !cloneTemplates.some((c) => c.key === k)
-  );
-  const strategyPrimitives = [
-    "strategy.swap \u2014 bounded swap (one-off, or looped on a schedule for DCA/rebalance)",
-    "dispatch.single \u2014 a single permitted call through the kernel",
-    dispatchModel === "selective" ? "dispatch.batch / dispatch.preview \u2014 multi-call (selective kernels only)" : "dispatch.batch / dispatch.preview \u2014 UNAVAILABLE on this conjunctive kernel"
-  ];
-  const payload = {
-    chainId,
-    chainName: chainName(chainId),
-    supported: true,
-    dispatchModel,
-    dispatchModelSource: modelSource,
-    contracts: {
-      kernel,
-      permissionFactory: project.contracts.permissionFactory
-    },
-    supportedChains: Object.keys(sailDeployments).map((id) => ({
-      chainId: Number(id),
-      name: chainName(Number(id)),
-      dispatchModel: sailDeployments[id].dispatchModel
-    })),
-    mandateTemplates: {
-      // No-Solidity, self-describing clone templates (deployAndAttach + initialize).
-      cloneTemplates,
-      // Pre-deployed shared permissions.
-      knownTemplates,
-      // Deployable clone logic without rich wizard metadata yet.
-      otherStandaloneTemplates: bareTemplates
-    },
-    strategyPrimitives,
-    customMandates: "Author a Foundry IPermission contract under mandates/ when no template fits; keep all policy parameters constructor-configured.",
-    intelligence: {
-      baseUrl: SAIL_INTELLIGENCE_BASE_URL,
-      docsUrl: SAIL_INTELLIGENCE_DOCS_URL,
-      use: "Vault screening, allocation, and rebalance advice for yield strategies."
+  /** All known SMAs, annotating the currently-active one (mirrors the UI server). */
+  handleListAccounts(res) {
+    res.writeHead(200, { "Content-Type": "application/json" });
+    let active = null;
+    try {
+      active = JSON.parse((0, import_node_fs5.readFileSync)(this.sailFile("account.json"), "utf-8")).safe;
+    } catch {
     }
-  };
-  emit(
-    options.json,
-    () => {
-      console.log("Sailor capabilities");
-      console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
-      console.log(`Chain:          ${payload.chainName} (${chainId})`);
-      console.log(`Dispatch model: ${dispatchModel ?? "unknown"}  (${modelSource})`);
-      console.log(
-        `Supported chains: ${payload.supportedChains.map((c) => `${c.name} [${c.dispatchModel}]`).join(", ")}`
+    try {
+      const accounts = JSON.parse(
+        (0, import_node_fs5.readFileSync)(this.sailFile("state", "accounts.json"), "utf-8")
       );
-      console.log("\nNo-Solidity mandate templates on this chain:");
-      if (cloneTemplates.length === 0 && knownTemplates.length === 0 && bareTemplates.length === 0) {
-        console.log("  (none registered for this chain yet \u2014 author a custom mandate)");
-      }
-      for (const t of cloneTemplates) {
-        console.log(`  \u2022 ${t.label} (${t.kind}) \u2014 ${t.description ?? ""}`);
-        console.log(`      params: ${t.initParams.map((p) => `${p.name}: ${p.type}`).join(", ")}`);
-      }
-      for (const t of knownTemplates) {
-        console.log(`  \u2022 ${t.label} (${t.kind}, shared) \u2014 ${t.description ?? ""}`);
-      }
-      if (bareTemplates.length > 0) {
-        console.log(`  \u2022 also deployable: ${bareTemplates.join(", ")}`);
-      }
-      console.log("\nStrategy primitives:");
-      for (const p of strategyPrimitives) console.log(`  \u2022 ${p}`);
-      console.log("\nCustom mandates:");
-      console.log(`  ${payload.customMandates}`);
-      console.log("\nIntelligence API (yield/allocation advice):");
-      console.log(`  ${SAIL_INTELLIGENCE_BASE_URL}  (docs: ${SAIL_INTELLIGENCE_DOCS_URL})`);
-      console.log(
-        "\nUse this to decide if a request is buildable. If it can't be expressed as a template, a strategy primitive, or a custom mandate, say so \u2014 don't scaffold a revert."
+      res.end(
+        JSON.stringify(
+          accounts.map((a) => ({
+            ...a,
+            active: a.safe.toLowerCase() === active?.toLowerCase()
+          }))
+        )
       );
-    },
-    payload
-  );
-}
-
-// src/commands/doctor.ts
-init_esm2();
-
-// src/lib/contract-check.ts
-async function checkContractExists(pc, address) {
-  try {
-    const code = await pc.getCode({ address });
-    return { address, hasCode: !!code && code !== "0x" };
-  } catch (err) {
-    return { address, hasCode: false, error: err.message.split("\n")[0] };
-  }
-}
-
-// src/lib/permission-resolver.ts
-var IPERMISSION_ABI = [
-  {
-    type: "function",
-    name: "evaluate",
-    stateMutability: "view",
-    inputs: [
-      { name: "txData", type: "bytes" },
-      {
-        name: "ctx",
-        type: "tuple",
-        components: [
-          { name: "account", type: "address" },
-          { name: "manager", type: "address" },
-          { name: "submitter", type: "address" },
-          { name: "target", type: "address" },
-          { name: "selector", type: "bytes4" },
-          { name: "value", type: "uint256" },
-          { name: "blockTimestamp", type: "uint256" },
-          { name: "blockNumber", type: "uint256" }
-        ]
+    } catch {
+      try {
+        const a = JSON.parse(
+          (0, import_node_fs5.readFileSync)(this.sailFile("account.json"), "utf-8")
+        );
+        res.end(JSON.stringify([{ ...a, name: "My SMA", active: true, addedAt: null }]));
+      } catch {
+        res.end("[]");
       }
-    ],
-    outputs: [{ type: "bool" }]
-  }
-];
-function buildPermissionContext(params) {
-  const { account: account2, manager, call: call2, blockInfo } = params;
-  const selector = call2.data.length >= 10 ? call2.data.slice(0, 10) : "0x00000000";
-  return {
-    account: account2,
-    manager,
-    submitter: manager,
-    // runner submits dispatches from the manager (agent) wallet
-    target: call2.target,
-    selector,
-    value: call2.value,
-    blockTimestamp: blockInfo.timestamp,
-    blockNumber: blockInfo.number
-  };
-}
-async function probePermissionForCall(params) {
-  const { publicClient, permission, account: account2, manager, call: call2, blockInfo } = params;
-  const ctx = buildPermissionContext({ account: account2, manager, call: call2, blockInfo });
-  try {
-    const accepted = await publicClient.readContract({
-      address: permission,
-      abi: IPERMISSION_ABI,
-      functionName: "evaluate",
-      args: [call2.data, ctx]
-    });
-    return { accepted: Boolean(accepted), reverted: false };
-  } catch (err) {
-    return { accepted: false, reverted: true, error: err.message.split("\n")[0] };
+    }
   }
-}
-async function resolvePermissionForCall(params) {
-  const { publicClient, account: account2, manager, call: call2, registeredPermissions, blockInfo } = params;
-  const ctx = buildPermissionContext({ account: account2, manager, call: call2, blockInfo });
-  for (const permission of registeredPermissions) {
-    try {
-      const accepted = await publicClient.readContract({
-        address: permission,
-        abi: IPERMISSION_ABI,
-        functionName: "evaluate",
-        args: [call2.data, ctx]
+  handleHttp(req, res) {
+    const origin = req.headers.origin;
+    const url0 = (req.url ?? "/").split("?")[0];
+    const isDiscoveryEndpoint = url0 === "/config";
+    const allowedOrigin = isDiscoveryEndpoint && origin?.startsWith("http://localhost:") ? origin : origin === this._url ? origin : this._url;
+    res.setHeader("Access-Control-Allow-Origin", allowedOrigin);
+    res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
+    res.setHeader("Access-Control-Allow-Headers", `Content-Type, ${REQUEST_SECRET_HEADER}`);
+    res.setHeader("Vary", "Origin");
+    if (req.method === "OPTIONS") {
+      res.writeHead(204);
+      res.end();
+      return;
+    }
+    const url = (req.url ?? "/").split("?")[0];
+    if (url === "/config") {
+      const isTrustedOrigin = !origin || origin === this._url;
+      const wsUrlForClient = isTrustedOrigin ? `${this.wsUrl}?secret=${encodeURIComponent(this.requestSecret)}` : this.wsUrl;
+      res.writeHead(200, { "Content-Type": "application/json" });
+      res.end(
+        JSON.stringify({
+          url: this._url,
+          wsUrl: wsUrlForClient,
+          port: this.port,
+          pid: process.pid,
+          pendingCount: this.pending.size
+        })
+      );
+      return;
+    }
+    const secretHeader = req.headers[REQUEST_SECRET_HEADER];
+    const isAuthenticated = secretHeader === this.requestSecret;
+    if (url === "/pending") {
+      if (!isAuthenticated) {
+        res.writeHead(403, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "forbidden" }));
+        return;
+      }
+      res.writeHead(200, { "Content-Type": "application/json" });
+      res.end(JSON.stringify(Array.from(this.pending.values()).map((e) => e.request)));
+      return;
+    }
+    if (url === "/wallet") {
+      if (!isAuthenticated) {
+        res.writeHead(403, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "forbidden" }));
+        return;
+      }
+      res.writeHead(200, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ address: this._connectedWallet ?? null }));
+      return;
+    }
+    if (url === "/requests" && req.method === "POST") {
+      const supplied = req.headers[REQUEST_SECRET_HEADER];
+      if (supplied !== this.requestSecret) {
+        res.writeHead(403, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "forbidden" }));
+        return;
+      }
+      this.readBody(req).then((body) => {
+        const parsed = JSON.parse(body);
+        if (!parsed.kind || !["create-sma", "deploy-mandate", "register-permission", "attach-mandate", "revoke-permissions", "set-delegate", "arbitrary-tx"].includes(parsed.kind)) {
+          throw new Error(`Unknown signing request kind: ${String(parsed.kind)}`);
+        }
+        const request = this.enqueue(parsed);
+        res.writeHead(200, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ id: request.id }));
+      }).catch((err) => {
+        res.writeHead(400, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: err instanceof Error ? err.message : String(err) }));
       });
-      if (accepted) return permission;
-    } catch {
+      return;
     }
-  }
-  return void 0;
-}
-async function resolvePermissionForBatch(params) {
-  const { publicClient, kernel, account: account2, calls, registeredPermissions } = params;
-  for (const permission of registeredPermissions) {
-    try {
-      const [approved] = await publicClient.readContract({
-        address: kernel,
-        abi: SailKernelAbi,
-        functionName: "previewBatch",
-        args: [account2, permission, calls]
+    if (url === "/api/account" && req.method === "POST") {
+      this.handleSaveAccount(req, res);
+      return;
+    }
+    if (url === "/api/account" && (req.method === "GET" || req.method == null)) {
+      this.sendJsonFile(res, (0, import_node_path4.join)(this.projectRoot, ".sail", "account.json"), {
+        status: 404,
+        body: { error: "account not found" }
       });
-      if (approved) return permission;
-    } catch {
+      return;
     }
-  }
-  return void 0;
-}
-
-// src/commands/doctor.ts
-var LOW_GAS_THRESHOLD_WEI = 500000000000000n;
-async function nativeBalance(pc, address) {
-  const wei = await pc.getBalance({ address });
-  return {
-    address,
-    wei: wei.toString(),
-    eth: formatEther(wei),
-    funded: wei > 0n,
-    low: wei > 0n && wei < LOW_GAS_THRESHOLD_WEI
-  };
-}
-function keystoreAddress(role, safe) {
-  const ks = readJsonFile(resolveKeyPath(role, safe));
-  return ks?.address ? getAddress(`0x${ks.address.replace(/^0x/, "")}`) : null;
-}
-var PROBE_TARGET = "0x000000000000000000000000000000000000dEaD";
-var PROBE_SELECTOR = "0xffffffff";
-var PROBE_DATA = "0xffffffff";
-async function probePassThrough(pc, permission, account2) {
-  try {
-    const ok = await pc.readContract({
-      address: permission,
-      abi: IPERMISSION_ABI,
-      functionName: "evaluate",
-      args: [
-        PROBE_DATA,
-        {
-          account: account2,
-          manager: account2,
-          submitter: account2,
-          target: PROBE_TARGET,
-          selector: PROBE_SELECTOR,
-          value: 0n,
-          blockTimestamp: 0n,
-          blockNumber: 0n
+    if (url === "/api/accounts" && (req.method === "GET" || req.method == null)) {
+      this.handleListAccounts(res);
+      return;
+    }
+    const resultMatch = url.match(/^\/requests\/([^/]+)\/result$/);
+    if (resultMatch && (req.method === "GET" || req.method == null)) {
+      if (!isAuthenticated) {
+        res.writeHead(403, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "forbidden" }));
+        return;
+      }
+      const id = decodeURIComponent(resultMatch[1]);
+      this.waitForResult(id, RESULT_LONGPOLL_MS).then((result) => {
+        if (result) {
+          res.writeHead(200, { "Content-Type": "application/json" });
+          res.end(JSON.stringify(result));
+        } else {
+          res.writeHead(204);
+          res.end();
         }
-      ]
-    });
-    return { permission, passesThrough: ok };
-  } catch (err) {
-    return {
-      permission,
-      passesThrough: false,
-      note: `evaluate reverted (${err.message.split("\n")[0]})`
+      });
+      return;
+    }
+    if (this.uiDist) {
+      const rawPath = (req.url ?? "/").split("?")[0];
+      const filePath = (0, import_node_path4.resolve)((0, import_node_path4.join)(this.uiDist, rawPath === "/" ? "index.html" : rawPath));
+      if (!filePath.startsWith((0, import_node_path4.resolve)(this.uiDist))) {
+        res.writeHead(403);
+        res.end();
+        return;
+      }
+      if ((0, import_node_fs5.existsSync)(filePath)) {
+        const mime = MIME[(0, import_node_path4.extname)(filePath)] ?? "application/octet-stream";
+        res.writeHead(200, { "Content-Type": mime });
+        res.end((0, import_node_fs5.readFileSync)(filePath));
+        return;
+      }
+      const indexHtml = (0, import_node_path4.join)(this.uiDist, "index.html");
+      if ((0, import_node_fs5.existsSync)(indexHtml)) {
+        res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
+        res.end((0, import_node_fs5.readFileSync)(indexHtml));
+        return;
+      }
+    }
+    res.writeHead(404);
+    res.end();
+  }
+  handleConnection(ws) {
+    this.clients.add(ws);
+    const msg = {
+      type: "pending",
+      requests: Array.from(this.pending.values()).map((e) => e.request)
     };
+    ws.send(JSON.stringify(msg));
+    ws.on("message", (data) => {
+      try {
+        const parsed = JSON.parse(data.toString());
+        this.handleClientMessage(ws, parsed);
+      } catch {
+      }
+    });
+    ws.on("close", () => this.clients.delete(ws));
+    ws.on("error", () => this.clients.delete(ws));
   }
-}
-async function doctor(options = {}) {
-  const project = new ProjectContext();
-  const chainId = project.chainId;
-  const kernel = project.contracts.kernel;
-  const rpcUrl = getRpcUrl(chainId) ?? getChainById(chainId).rpcUrls.default.http[0];
-  const client = new SailorClient({ chainId, rpcUrl, kernel });
-  const pc = createPublicClient({ chain: getChainById(chainId), transport: http(rpcUrl) });
-  const caps = await client.capabilities();
-  const stored = readJsonFile(sailPath("account.json"));
-  const safe = options.account ? getAddress(options.account) : stored?.safe ? getAddress(stored.safe) : null;
-  let permissions = [];
-  let checks = [];
-  let permsNoCode = [];
-  if (safe) {
-    const mandates = await client.mandate.list(safe);
-    permissions = mandates.map((m) => getAddress(m.permission));
-    if (permissions.length > 0) {
-      const codeChecks = await Promise.all(permissions.map((p) => checkContractExists(pc, p)));
-      permsNoCode = codeChecks.filter((c) => !c.hasCode && !c.error).map((c) => c.address);
+  handleClientMessage(_ws, msg) {
+    if (msg.type === "wallet-connected") {
+      if (typeof msg.address !== "string" || !/^0x[0-9a-fA-F]{40}$/.test(msg.address)) return;
+      this._connectedWallet = msg.address;
+      for (const listener of this.walletListeners) listener(msg.address);
+      this.walletListeners = [];
+      return;
     }
-    if (caps.dispatchModel === "conjunctive" && permissions.length > 0) {
-      checks = await Promise.all(permissions.map((p) => probePassThrough(pc, p, safe)));
+    if (msg.type === "wallet-disconnected") {
+      this._connectedWallet = void 0;
+      return;
+    }
+    const entry = this.pending.get(msg.requestId);
+    if (!entry) return;
+    clearTimeout(entry.timer);
+    this.pending.delete(msg.requestId);
+    const { request } = entry;
+    if (msg.type === "signed") {
+      this.recordResult(
+        { status: "signed", requestId: msg.requestId, txHash: msg.txHash },
+        request
+      );
+    } else if (msg.type === "signature") {
+      this.recordResult(
+        { status: "signature", requestId: msg.requestId, signature: msg.signature },
+        request
+      );
+    } else {
+      this.recordResult(
+        {
+          status: "rejected",
+          requestId: msg.requestId,
+          reason: msg.reason
+        },
+        request
+      );
     }
   }
-  const bricking = checks.filter((c) => c.passesThrough === false);
-  const healthy = safe !== null && bricking.length === 0;
-  const ownerAddr = stored?.owner ? getAddress(stored.owner) : project.getOwner();
-  const managerAddr = stored?.manager ? getAddress(stored.manager) : keystoreAddress("manager", stored?.safe);
-  let chainIdOnChain = null;
-  try {
-    chainIdOnChain = await pc.getChainId();
-  } catch {
+  readBody(req, maxBytes = 1e6) {
+    return new Promise((res, rej) => {
+      let size5 = 0;
+      const chunks = [];
+      req.on("data", (c) => {
+        size5 += c.length;
+        if (size5 > maxBytes) {
+          rej(new Error("Request body too large"));
+          req.destroy();
+          return;
+        }
+        chunks.push(c);
+      });
+      req.on("end", () => res(Buffer.concat(chunks).toString("utf8")));
+      req.on("error", rej);
+    });
   }
-  const chainIdMatches = chainIdOnChain === null ? null : chainIdOnChain === chainId;
-  let ownerBal = null;
-  let managerBal = null;
-  try {
-    if (ownerAddr) ownerBal = await nativeBalance(pc, ownerAddr);
-    if (managerAddr) managerBal = await nativeBalance(pc, managerAddr);
-  } catch {
+  broadcast(msg) {
+    const data = JSON.stringify(msg);
+    for (const ws of this.clients) {
+      if (ws.readyState === import_websocket2.default.OPEN) ws.send(data);
+    }
   }
-  if (options.json) {
-    console.log(
+  writeRuntimeState() {
+    if (!(0, import_node_fs5.existsSync)(this.runtimeDir)) (0, import_node_fs5.mkdirSync)(this.runtimeDir, { recursive: true });
+    (0, import_node_fs5.writeFileSync)(
+      (0, import_node_path4.join)(this.runtimeDir, SERVER_STATE_FILE),
       JSON.stringify(
         {
-          chainId,
-          kernel,
-          dispatchModel: caps.dispatchModel,
-          dispatchTypehash: caps.dispatchTypehash,
-          capabilitySource: caps.source,
-          rpc: { chainIdOnChain, chainIdMatches },
-          wallet: {
-            owner: ownerAddr ? { address: ownerAddr, ...ownerBal ?? {} } : null,
-            manager: managerAddr ? { address: managerAddr, ...managerBal ?? {} } : null
-          },
-          account: safe,
-          saltNonce: stored?.saltNonce ?? null,
-          permissions,
-          permissionsWithoutCode: permsNoCode,
-          conjunctivePassThrough: caps.dispatchModel === "conjunctive" ? checks.map((c) => ({
-            permission: c.permission,
-            passesThrough: c.passesThrough,
-            note: c.note
-          })) : "n/a (selective kernel)",
-          healthy
+          url: this._url,
+          wsUrl: this.wsUrl,
+          port: this.port,
+          startedAt: (/* @__PURE__ */ new Date()).toISOString(),
+          pid: process.pid,
+          requestSecret: this.requestSecret
         },
         null,
         2
       )
     );
-    return;
   }
-  const multiBricking = bricking.length > 0 && permissions.length > 1;
-  if (!safe) {
-    console.log('\u2717 Setup incomplete \u2014 no SMA found. Run "sailor onboard --new-sma" to deploy one.');
-  } else if (permissions.length === 0) {
-    console.log("\u2717 Setup incomplete \u2014 no permissions registered. Your agent cannot dispatch until at least one permission is attached.");
-  } else if (multiBricking) {
-    console.log(`\u2717 Setup issue \u2014 ${bricking.length} of ${permissions.length} permissions block unrelated calls (see below).`);
-  } else {
-    console.log(
-      "\u2713 Everything looks good \u2014 your SMA is deployed, your permission is registered,\n  and your agent is authorized to dispatch."
-    );
+  removeRuntimeState() {
+    const path8 = (0, import_node_path4.join)(this.runtimeDir, SERVER_STATE_FILE);
+    try {
+      if ((0, import_node_fs5.existsSync)(path8)) (0, import_node_fs5.unlinkSync)(path8);
+    } catch {
+    }
   }
-  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
-  console.log(`Chain:   ${chainId}`);
-  console.log(`Kernel:  ${kernel}`);
-  console.log(`  dispatch model:  ${caps.dispatchModel}  (detected via ${caps.source})`);
-  console.log(`  DISPATCH_TYPEHASH: ${caps.dispatchTypehash}`);
-  console.log("\nWallet & gas:");
-  if (chainIdMatches === false) {
-    console.log(
-      `  \u2717 RPC serves chain ${chainIdOnChain}, but the project is configured for ${chainId}. Fix RPC_URL in .sail/.env.local before doing anything.`
-    );
-  } else if (chainIdMatches === true) {
-    console.log(`  \u2713 RPC serves the configured chain (${chainId}).`);
+};
+async function findAvailablePort(startPort) {
+  return new Promise((res) => {
+    const probe = (0, import_node_net.createServer)();
+    probe.listen(startPort, "127.0.0.1", () => {
+      const addr = probe.address();
+      probe.close(() => res(addr.port));
+    });
+    probe.on("error", () => res(findAvailablePort(startPort + 1)));
+  });
+}
+
+// src/signing/client.ts
+var RUNTIME_SERVER_FILE = (0, import_node_path5.join)(".sail", "runtime", "server.json");
+var sleep = (ms) => new Promise((r) => setTimeout(r, ms));
+var SigningClient = class {
+  constructor(baseUrl, requestSecret = "") {
+    this.baseUrl = baseUrl;
+    this.requestSecret = requestSecret;
   }
-  const showBalance = (label, addr, bal) => {
-    if (!addr) {
-      console.log(`  ${label}: not set`);
-      return;
-    }
-    if (!bal) {
-      console.log(`  ${label}: ${addr}  (balance unavailable)`);
-      return;
+  remote = true;
+  get url() {
+    return this.baseUrl;
+  }
+  async start() {
+    if (!await this.ping()) {
+      throw new Error(`Signing station not reachable at ${this.baseUrl}`);
     }
-    const flag = !bal.funded ? "\u2717 unfunded" : bal.low ? "\u26A0 low" : "\u2713";
-    console.log(`  ${label}: ${addr}  ${bal.eth} ETH  ${flag}`);
-  };
-  showBalance("owner  ", ownerAddr, ownerBal);
-  showBalance("manager", managerAddr, managerBal);
-  if (managerBal && !managerBal.funded) {
-    console.log(
-      '  \u2192 The manager (agent) pays gas. Fund it before "sailor run" or dispatches fail.'
-    );
   }
-  if (!safe) {
-    console.log('\nAccount: none found. Run "sailor onboard --new-sma", or pass --account <addr>.');
-    console.log("Skipping permission checks.");
-    return;
+  /** No-op: never tear down a daemon the user is running in another process. */
+  stop() {
   }
-  console.log(`Account: ${safe}`);
-  if (stored?.saltNonce != null) {
-    const saltNonce = BigInt(stored.saltNonce);
-    const MAINNET_CHAINS = [8453, 42161, 130];
+  async ping() {
     try {
-      const proxyCreationCode = await pc.readContract({
-        address: SAFE_V141.proxyFactory,
-        abi: safeProxyFactoryAbi,
-        functionName: "proxyCreationCode"
+      const r = await fetch(`${this.baseUrl}/config`, { signal: AbortSignal.timeout(1500) });
+      return r.ok;
+    } catch {
+      return false;
+    }
+  }
+  async requestSignature(req, timeoutMs = 10 * 60 * 1e3) {
+    const enqueueRes = await fetch(`${this.baseUrl}/requests`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json", "x-sailor-secret": this.requestSecret },
+      body: JSON.stringify(req)
+    });
+    if (!enqueueRes.ok) {
+      throw new Error(`Failed to enqueue signing request (HTTP ${enqueueRes.status})`);
+    }
+    const { id } = await enqueueRes.json();
+    const deadline = Date.now() + timeoutMs;
+    while (Date.now() < deadline) {
+      const res = await fetch(`${this.baseUrl}/requests/${encodeURIComponent(id)}/result`, {
+        headers: { "x-sailor-secret": this.requestSecret }
       });
-      const ownerAddr2 = stored.owner ? getAddress(stored.owner) : null;
-      const managerAddr2 = stored.manager ? getAddress(stored.manager) : null;
-      if (ownerAddr2 && managerAddr2) {
-        console.log(
-          `
-Multi-chain addresses (salt ${saltNonce}, owner ${ownerAddr2}, manager ${managerAddr2}):`
-        );
-        const CHAIN_NAMES = { 8453: "Base", 42161: "Arbitrum", 130: "Unichain" };
-        for (const cid of MAINNET_CHAINS) {
-          const dep = sailDeployments[cid];
-          const initializer = buildSafeSetupInitializer({
-            owners: [ownerAddr2],
-            threshold: 1n,
-            kernel: dep.kernel,
-            safeModuleEnabler: dep.safeModuleEnabler
-          });
-          const predicted = computeSailSmaAddress({
-            initializer,
-            saltNonce,
-            deployer: ownerAddr2,
-            permissionSigner: ownerAddr2,
-            manager: managerAddr2,
-            feePolicy: dep.standardFeePolicy,
-            proxyCreationCode
-          });
-          const isDeployed = predicted.toLowerCase() === safe.toLowerCase() && cid === chainId;
-          const label = isDeployed ? "deployed (this account)" : predicted;
-          console.log(`  ${CHAIN_NAMES[cid].padEnd(12)} (${cid}):  ${label}`);
-        }
-        console.log(
-          '  \u26A0  Addresses differ per chain (chain-specific kernel salt + initializer). Run "sailor account predict" for details.'
-        );
+      if (res.status === 200) return await res.json();
+      if (res.status !== 204) {
+        throw new Error(`Unexpected result status ${res.status} from signing station`);
       }
-    } catch {
     }
-  } else if (stored) {
-    console.log(
-      "\nMulti-chain addresses: saltNonce not stored (deployed before salt tracking)."
-    );
-    console.log("  To enable: re-deploy with sailor onboard --new-sma --salt 0");
-  }
-  if (permissions.length === 0) {
-    console.log(
-      "\n\u26A0 No permissions registered \u2014 every dispatch will be denied (NoPermissionsRegistered)."
-    );
-    console.log('  Register at least one with "sailor mandate attach".');
-    return;
-  }
-  console.log(`
-Registered permissions (${permissions.length}):`);
-  if (permsNoCode.length > 0) {
-    console.log(
-      `
-\u26A0 ${permsNoCode.length} registered permission(s) have NO contract code on chain ${chainId} \u2014 dispatches naming them will fail. Verify the address (wrong chain?) or revoke:`
-    );
-    permsNoCode.forEach((p) => console.log(`    ${p}`));
-  }
-  if (caps.dispatchModel === "selective") {
-    permissions.forEach((p, i) => console.log(`  ${i + 1}. ${p}`));
-    console.log("\nEach dispatch names one permission, so pass-through is not required.");
-    return;
+    throw new Error(`Signing request "${req.title}" timed out after ${timeoutMs / 1e3}s`);
   }
-  for (let i = 0; i < checks.length; i++) {
-    const c = checks[i];
-    const mark = c.passesThrough ? "\u2713 pass-through" : "\u2717 NOT pass-through";
-    console.log(`  ${i + 1}. ${c.permission}  ${mark}${c.note ? `  (${c.note})` : ""}`);
+  async waitForWallet(timeoutMs = 5 * 60 * 1e3) {
+    const deadline = Date.now() + timeoutMs;
+    while (Date.now() < deadline) {
+      try {
+        const r = await fetch(`${this.baseUrl}/wallet`, {
+          headers: { "x-sailor-secret": this.requestSecret },
+          signal: AbortSignal.timeout(2e3)
+        });
+        if (r.ok) {
+          const { address } = await r.json();
+          if (address) return address;
+        }
+      } catch {
+      }
+      await sleep(1e3);
+    }
+    throw new Error("Timed out waiting for wallet connection in the signing UI");
   }
-  if (multiBricking) {
-    console.log(
-      `
-\u2717 ${bricking.length} permission(s) return false for unrelated calls. On this kernel EVERY registered permission must approve EVERY call, so these BRICK all dispatches (they surface as PermissionDenied). Revoke or replace them with pass-through versions:`
-    );
-    bricking.forEach((c) => console.log(`    ${c.permission}`));
-  } else if (permissions.length > 1) {
-    console.log("\n\u2713 All permissions pass through unrelated calls \u2014 dispatch will not be bricked.");
+};
+function readRuntimeServerState(projectRoot) {
+  const file = (0, import_node_path5.join)(projectRoot, RUNTIME_SERVER_FILE);
+  if (!(0, import_node_fs6.existsSync)(file)) return null;
+  try {
+    return JSON.parse((0, import_node_fs6.readFileSync)(file, "utf8"));
+  } catch {
+    return null;
   }
-  console.log(`
-Probe is heuristic: an unknown selector (${PROBE_SELECTOR}) to a neutral target (${PROBE_TARGET}).`);
 }
-
-// src/commands/init.ts
-var import_node_fs6 = __toESM(require("node:fs"), 1);
-var import_node_path5 = __toESM(require("node:path"), 1);
-
-// src/lib/foundry.ts
-var import_node_fs4 = require("node:fs");
-var import_node_path3 = require("node:path");
-var FOUNDRY_TOML = `[profile.default]
-src = "mandates"
-out = "out"
-libs = ["lib"]
-remappings = ["@sail/=.sail/contracts/"]
-solc = "0.8.26"
-optimizer = true
-optimizer_runs = 200
-# Mandates are deployed as standalone contracts and configured via their
-# constructor, then attached to a Safe with \`sailor mandate attach\`.
-`;
-var IPERMISSION_SOL = `// SPDX-License-Identifier: MIT
-pragma solidity 0.8.26;
-
-/// @notice Execution context passed to every permission on each dispatch call.
-/// @dev    Read-only snapshot of the transaction environment (staticcall).
-struct Context {
-    address account;        // the Safe whose assets are being moved
-    address manager;        // the delegated signer who submitted the dispatch
-    address submitter;      // msg.sender of the dispatch (may be a relayer)
-    address target;         // the call target
-    bytes4  selector;       // leading 4 bytes of calldata
-    uint256 value;          // native ETH forwarded (wei)
-    uint256 blockTimestamp; // block.timestamp at dispatch
-    uint256 blockNumber;    // block.number at dispatch
+async function discoverDaemon(projectRoot = process.cwd()) {
+  const state = readRuntimeServerState(projectRoot);
+  if (!state?.url) return null;
+  const client = new SigningClient(state.url, state.requestSecret ?? "");
+  return await client.ping() ? client : null;
 }
-
-/// @title  IPermission
-/// @notice Interface every Sail permission (mandate) contract must implement.
-/// @dev    Evaluated via staticcall with a fixed gas cap; a revert or gas
-///         exhaustion is treated as \`false\`. Must not mutate state.
-interface IPermission {
-    /// @notice Decide whether a manager-submitted transaction is permitted.
-    function evaluate(bytes calldata txData, Context calldata ctx) external view returns (bool);
-
-    /// @notice Optional stable identifier for off-chain indexing/deduplication.
-    function discriminator() external view returns (bytes32);
+async function createSigningChannel(projectRoot = process.cwd()) {
+  const daemon = await discoverDaemon(projectRoot);
+  if (daemon) return daemon;
+  return new SigningServer({ projectRoot, advertise: false });
 }
-`;
-var EXAMPLE_MANDATE_SOL = `// SPDX-License-Identifier: MIT
-pragma solidity 0.8.26;
-
-import {IPermission, Context} from "@sail/interfaces/IPermission.sol";
-
-/// @title  BoundedCallPermission
-/// @notice General-purpose IPermission primitive. Bounds the universal properties of any call:
-///         allowed targets, allowed selectors, and max ETH value. Protocol-agnostic.
-///         For calldata-parameter bounds (amount caps, recipient checks, slippage), write a
-///         protocol-specific permission \u2014 see examples/permissions/ for the pattern per protocol.
-/// @dev Deploy one instance per SMA with constructor-configured parameters.
-contract BoundedCallPermission is IPermission {
-    bytes32 private constant DISCRIMINATOR = keccak256("BoundedCallPermission");
-
-    mapping(address => bool) public isAllowedTarget;
-    mapping(bytes4 => bool) public isAllowedSelector;
-    bool public immutable SELECTOR_FILTERING;
-    uint256 public immutable MAX_VALUE;
-
-    constructor(address[] memory allowedTargets, bytes4[] memory allowedSelectors, uint256 maxValue) {
-        for (uint256 i = 0; i < allowedTargets.length; i++) isAllowedTarget[allowedTargets[i]] = true;
-        SELECTOR_FILTERING = allowedSelectors.length > 0;
-        for (uint256 i = 0; i < allowedSelectors.length; i++) isAllowedSelector[allowedSelectors[i]] = true;
-        MAX_VALUE = maxValue;
-    }
-
-    function evaluate(bytes calldata, Context calldata ctx) external view returns (bool) {
-        if (!isAllowedTarget[ctx.target]) return false;
-        if (SELECTOR_FILTERING && !isAllowedSelector[ctx.selector]) return false;
-        if (ctx.value > MAX_VALUE) return false;
-        return true;
-    }
 
-    function discriminator() external pure returns (bytes32) { return DISCRIMINATOR; }
+// src/commands/account.ts
+function resolveChain(chainId) {
+  try {
+    return getChain(chainId);
+  } catch {
+    throw new Error(
+      `Chain ${chainId} is not yet configured in @sail/chains.
+The SailKernel and mandate-factory addresses for this chain are unknown,
+so an account cannot be created yet. Add the chain to @sail/chains once
+SailKernel is deployed there.`
+    );
+  }
 }
-`;
-var MANDATES_README = `# Mandates
-
-Solidity permission contracts for this Sailor project live here.
-
-A permission implements \`@sail/interfaces/IPermission.sol\` \u2014 \`evaluate(txData, ctx)\`
-returns \`true\` to permit a manager-submitted dispatch, \`false\` to block it.
-
-## Authoring + deploying
-
-1. Start from \`BoundedCallPermission.sol\` for target/selector/value gating.
-   For calldata-parameter bounds (amount caps, slippage, recipient checks),
-   decode \`txData\` with the target protocol's ABI and add bounds to \`evaluate()\`.
-   Configure all parameters in the **constructor** \u2014 the deploy flow expects a
-   single creation transaction to fully set up the permission.
-2. Compile:
-   \`\`\`bash
-   forge build
-   \`\`\`
-3. Deploy it (the owner signs the creation tx in the browser signing UI):
-   \`\`\`bash
-   sailor mandate deploy --contract BoundedCallPermission \\
-     --args '[["0xTarget1", "0xTarget2"], [], 0]'
-   \`\`\`
-   Args: (allowedTargets[], allowedSelectors[], maxValue).
-   Pass an empty selector array [] to skip selector filtering.
-   Pass 0 for maxValue to block all ETH transfers.
-4. Attach it to a Safe:
-   \`\`\`bash
-   sailor mandate attach --address 0xDeployed --sma 0xSafe
-   \`\`\`
-   (or pass \`--attach --sma 0xSafe\` to \`deploy\` to do both at once.)
-
-Compiled artifacts are written to \`out/\` and the deployed address is tracked in
-\`.sail/state/mandates.json\`.
-`;
-function scaffoldFoundryWorkspace(root) {
-  const dirs = [(0, import_node_path3.join)(root, "mandates"), (0, import_node_path3.join)(root, ".sail", "contracts", "interfaces")];
-  for (const d of dirs) {
-    if (!(0, import_node_fs4.existsSync)(d)) (0, import_node_fs4.mkdirSync)(d, { recursive: true });
+async function accountCreate() {
+  if (!keyExists("manager")) {
+    throw new Error(
+      'No agent wallet found.\nRun "sailor keys generate" and choose "agent wallet" first.'
+    );
+  }
+  const env = parseEnvFile(sailPath(".env.local"));
+  const rpcUrl = env["RPC_URL"] ?? process.env["RPC_URL"];
+  const chainIdRaw = env["CHAIN_ID"] ?? process.env["CHAIN_ID"];
+  if (!rpcUrl || !chainIdRaw) {
+    throw new Error(
+      "RPC_URL and CHAIN_ID must be set in .sail/.env.local.\nCreate that file with, for example:\n  RPC_URL=https://your-rpc-endpoint\n  CHAIN_ID=8453"
+    );
+  }
+  const chainId = Number(chainIdRaw);
+  if (Number.isNaN(chainId)) {
+    throw new Error(`Invalid CHAIN_ID: "${chainIdRaw}" \u2014 must be a number.`);
+  }
+  const chain2 = resolveChain(chainId);
+  console.log(`Chain ${chainId} (${chain2.name})`);
+  console.log(`  SailKernel:      ${checksum4(chain2.kernel)}`);
+  console.log(`  Mandate factory: ${checksum4(chain2.mandateFactory)}
+`);
+  const manager = await loadKeyring("manager");
+  const managerAddr = checksum4(manager.address);
+  const safeFactory = await promptAddress("Safe factory address");
+  const safeSingleton = await promptAddress("Safe singleton address");
+  const owner2 = await promptAddress("Owner (EOA) address", managerAddr);
+  const permissionSigner = await promptAddress("Mandate signer address", managerAddr);
+  const feePolicy = await prompt("Fee policy", "none");
+  console.log("\nCreating SMA with:");
+  console.log(`  Owner:           ${owner2}`);
+  console.log(`  Agent wallet:    ${managerAddr}`);
+  console.log(`  Mandate signer:  ${permissionSigner}`);
+  console.log(`  Safe factory:    ${safeFactory}`);
+  console.log(`  Safe singleton:  ${safeSingleton}`);
+  console.log(`  Fee policy:      ${feePolicy}`);
+  const client = makeClient(chainId);
+  try {
+    const account2 = await client.account.create({
+      owner: owner2,
+      permissionSigner,
+      manager: managerAddr,
+      chainId
+    });
+    const stored = {
+      safe: checksum4(account2.safe),
+      owner: checksum4(account2.owner),
+      permissionSigner: checksum4(account2.permissionSigner),
+      manager: checksum4(account2.manager),
+      chainId: account2.chainId,
+      createdAtBlock: account2.createdAtBlock.toString()
+    };
+    upsertAccountInList(stored);
+    writeJsonFile(sailPath("account.json"), stored);
+    console.log(`
+SMA created. Address: ${stored.safe}`);
+    console.log("Saved to .sail/account.json");
+  } catch (err) {
+    if (err.message === "not implemented") {
+      console.log(
+        "\nOn-chain account creation is not wired up in this build yet \u2014\nclient.account.create is a stub until SailKernel is deployed and the\nSDK is connected. Nothing was created on-chain."
+      );
+      return;
+    }
+    throw err;
   }
-  writeIfMissing((0, import_node_path3.join)(root, "foundry.toml"), FOUNDRY_TOML);
-  writeIfMissing(
-    (0, import_node_path3.join)(root, ".sail", "contracts", "interfaces", "IPermission.sol"),
-    IPERMISSION_SOL
-  );
-  writeIfMissing((0, import_node_path3.join)(root, "mandates", "BoundedCallPermission.sol"), EXAMPLE_MANDATE_SOL);
-  writeIfMissing((0, import_node_path3.join)(root, "mandates", "README.md"), MANDATES_README);
 }
-function writeIfMissing(path8, content) {
-  if (!(0, import_node_fs4.existsSync)(path8)) (0, import_node_fs4.writeFileSync)(path8, content, "utf8");
+var SAIL_MAINNET_CHAINS = [1, 8453, 42161, 130];
+async function fetchProxyCreationCode(preferredChainId) {
+  const rpcUrl = getRpcUrl(preferredChainId) ?? void 0;
+  const publicClient = createPublicClient({
+    chain: getChainById(preferredChainId),
+    transport: http(rpcUrl)
+  });
+  return await publicClient.readContract({
+    address: SAFE_V141.proxyFactory,
+    abi: safeProxyFactoryAbi,
+    functionName: "proxyCreationCode"
+  });
 }
-
-// src/lib/packagePaths.ts
-var import_node_fs5 = __toESM(require("node:fs"), 1);
-var import_node_path4 = __toESM(require("node:path"), 1);
-function cliDistDir() {
-  try {
-    return import_node_path4.default.dirname(import_node_fs5.default.realpathSync(process.argv[1]));
-  } catch {
-    return import_node_path4.default.dirname(import_node_path4.default.resolve(process.argv[1]));
+async function accountPredict(options) {
+  const stored = readJsonFile(sailPath("account.json"));
+  let ownerAddr;
+  if (options.owner) {
+    if (!isAddress(options.owner, { strict: false })) {
+      throw new Error(`Invalid --owner address: ${options.owner}`);
+    }
+    ownerAddr = getAddress(options.owner);
+  } else {
+    if (!stored?.owner) {
+      throw new Error(
+        "No owner found in .sail/account.json. Pass --owner <address> or run sailor onboard first."
+      );
+    }
+    ownerAddr = getAddress(stored.owner);
   }
-}
-function packageRoot() {
-  let dir = cliDistDir();
-  let firstBinMatch = null;
-  for (let depth = 0; depth < 6; depth++) {
-    const pkgFile = import_node_path4.default.join(dir, "package.json");
-    if (import_node_fs5.default.existsSync(pkgFile)) {
-      try {
-        const pkg = JSON.parse(import_node_fs5.default.readFileSync(pkgFile, "utf-8"));
-        if (pkg.bin?.sailor) {
-          if (firstBinMatch === null) firstBinMatch = dir;
-          if (import_node_fs5.default.existsSync(import_node_path4.default.join(dir, "templates"))) return dir;
-        }
-      } catch {
-      }
+  let managerAddr;
+  if (options.manager) {
+    if (!isAddress(options.manager, { strict: false })) {
+      throw new Error(`Invalid --manager address: ${options.manager}`);
     }
-    const parent = import_node_path4.default.dirname(dir);
-    if (parent === dir) break;
-    dir = parent;
+    managerAddr = getAddress(options.manager);
+  } else if (stored?.manager) {
+    managerAddr = getAddress(stored.manager);
+  } else {
+    throw new Error(
+      "The predicted address depends on the agent (manager) wallet, which is mixed into the kernel's CREATE2 salt.\nPass --manager <agent address> (create one first with `sailor keys`), or run after onboarding so it can be read from .sail/account.json."
+    );
   }
-  return firstBinMatch ?? import_node_path4.default.resolve(cliDistDir(), "../../..");
-}
-function projectPort(projectRoot) {
-  const hash3 = [...projectRoot].reduce((h, c) => (h << 5) - h + c.charCodeAt(0) >>> 0, 0);
-  return 3333 + hash3 % 667;
-}
-
-// src/commands/init.ts
-var TEMPLATE_COPY_EXCLUDES = /* @__PURE__ */ new Set([
-  "node_modules",
-  "dist",
-  "out",
-  "cache",
-  "broadcast",
-  ".git"
-]);
-function copyDirSync(src, dest) {
-  import_node_fs6.default.mkdirSync(dest, { recursive: true });
-  for (const entry of import_node_fs6.default.readdirSync(src, { withFileTypes: true })) {
-    if (TEMPLATE_COPY_EXCLUDES.has(entry.name)) continue;
-    const srcPath = import_node_path5.default.join(src, entry.name);
-    const destName = entry.name === "_gitignore" ? ".gitignore" : entry.name;
-    const destPath = import_node_path5.default.join(dest, destName);
-    if (entry.isDirectory()) {
-      copyDirSync(srcPath, destPath);
-    } else {
-      import_node_fs6.default.copyFileSync(srcPath, destPath);
+  if (options.salt != null && !/^\d+$/.test(options.salt)) {
+    throw new Error(`Invalid --salt value: "${options.salt}" \u2014 must be a non-negative integer.`);
+  }
+  const saltNonce = options.salt != null ? BigInt(options.salt) : 0n;
+  let chainIds;
+  if (options.chain) {
+    const chainId = Number(options.chain);
+    if (!(chainId in sailDeployments)) {
+      throw new Error(
+        `Chain ${chainId} has no Sail Protocol deployment. Supported: ${Object.keys(sailDeployments).join(", ")}`
+      );
     }
+    chainIds = [chainId];
+  } else {
+    chainIds = SAIL_MAINNET_CHAINS;
   }
+  const preferredChain = chainIds.find((cid) => getRpcUrl(cid) != null) ?? chainIds[0];
+  const proxyCreationCode = await fetchProxyCreationCode(preferredChain);
+  const results = chainIds.map((chainId) => {
+    const deployment = sailDeployments[chainId];
+    const viemChain = getChainById(chainId);
+    const { predicted: predictedAddress } = buildSmaAddressPrediction(
+      deployment,
+      ownerAddr,
+      managerAddr,
+      saltNonce,
+      proxyCreationCode
+    );
+    return {
+      chainId,
+      name: viemChain.name,
+      predictedAddress,
+      kernel: deployment.kernel,
+      safeModuleEnabler: deployment.safeModuleEnabler
+    };
+  });
+  const uniqueAddresses = new Set(results.map((r) => r.predictedAddress.toLowerCase()));
+  const allSame = uniqueAddresses.size === 1;
+  if (options.json) {
+    console.log(
+      JSON.stringify(
+        {
+          salt: saltNonce.toString(),
+          owner: ownerAddr,
+          manager: managerAddr,
+          chains: results.map(({ chainId, name, predictedAddress }) => ({
+            chainId,
+            name,
+            predictedAddress
+          })),
+          allSame,
+          note: allSame ? "All chains produce the same address with this salt, owner, and manager." : "Addresses differ per chain because the kernel salt binds the chain-specific fee policy and the Safe initializer encodes chain-specific contract addresses (kernel, safeModuleEnabler). Cross-chain same-address requires deterministic protocol deployment or a registerExisting() flow."
+        },
+        null,
+        2
+      )
+    );
+    return;
+  }
+  console.log("\nPredicted Safe addresses");
+  console.log(`  Owner:   ${ownerAddr}`);
+  console.log(`  Manager: ${managerAddr}`);
+  console.log(`  Salt:    ${saltNonce}`);
+  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
+  for (const { chainId, name, predictedAddress } of results) {
+    console.log(`  ${name.padEnd(14)} (${String(chainId).padEnd(5)}):  ${predictedAddress}`);
+  }
+  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
+  if (allSame) {
+    console.log("\u2713 All chains produce the same address.");
+  } else {
+    console.log("\n\u26A0  Addresses differ across chains.");
+    console.log(
+      "   Root cause: SailKernel.createAccount binds the CREATE2 salt as\n   keccak256(saltNonce, deployer, permissionSigner, manager, feePolicy),\n   then SafeProxyFactory derives the address from that bound salt and the\n   Safe initializer. Both the fee policy and the initializer (kernel,\n   safeModuleEnabler) are chain-specific, so each chain yields a different\n   address even with the same owner, manager, and salt.\n\n   For cross-chain same-address the Sail Protocol needs one of:\n   A) Deterministic (CREATE2) deployment of kernel + safeModuleEnabler +\n      fee policy so they land at the same address on every chain.\n   B) A registerExisting() path allowing a plain Safe (deployed with a\n      chain-agnostic initializer) to be registered with the kernel."
+    );
+  }
+  console.log(`
+To deploy on this chain: sailor onboard --new-sma --salt ${saltNonce}`);
 }
-var SAIL_WORKSPACE_README = `# Sailor Project Workspace
-
-This folder is the local workspace for one Sailor agent deployment.
-
-## Layout
-
-- \`config.json\` is the project manifest: name, chain, and state location.
-- \`keys/\` stores encrypted local signing keys. Never commit these files.
-- \`runtime/\` is for local UI and signing handoff state.
-- \`state/\` is for persistent agent state, audit logs, and tx history.
-
-AI coding agents should read the project's \`AGENTS.md\` and this folder's \`config.json\`
-before changing strategy code or running commands that touch funds.
-`;
-function writeIfMissing2(file, content) {
-  if (!import_node_fs6.default.existsSync(file)) import_node_fs6.default.writeFileSync(file, content, "utf-8");
-}
-function scaffoldProjectWorkspace(dest, name, options) {
-  const chainId = options.chain ? (() => {
-    const n = Number(options.chain);
-    if (!Number.isInteger(n) || n <= 0) throw new Error(`Invalid chain id: "${options.chain}"`);
-    return n;
-  })() : null;
-  const sailDir2 = import_node_path5.default.join(dest, ".sail");
-  import_node_fs6.default.mkdirSync(import_node_path5.default.join(sailDir2, "keys"), { recursive: true });
-  import_node_fs6.default.mkdirSync(import_node_path5.default.join(sailDir2, "runtime"), { recursive: true });
-  import_node_fs6.default.mkdirSync(import_node_path5.default.join(sailDir2, "state"), { recursive: true });
-  import_node_fs6.default.writeFileSync(
-    import_node_path5.default.join(sailDir2, "config.json"),
-    `${JSON.stringify(
-      {
-        version: 1,
-        name,
-        chainId,
-        // null = chain not yet chosen; Stage 1 will set this
-        stateDir: ".sail/state",
-        createdAt: (/* @__PURE__ */ new Date()).toISOString(),
-        contracts: {
-          kernel: "",
-          mandateFactory: ""
-        }
-      },
-      null,
-      2
-    )}
-`,
-    "utf-8"
-  );
-  writeIfMissing2(import_node_path5.default.join(sailDir2, "README.md"), SAIL_WORKSPACE_README);
-  const chainIdLine = chainId != null ? `CHAIN_ID=${chainId}
-` : `# CHAIN_ID=8453   # set after choosing your chain in Stage 1
-`;
-  import_node_fs6.default.writeFileSync(
-    import_node_path5.default.join(dest, ".env.example"),
-    `# Sailor agent environment
-RPC_URL=https://your-rpc-endpoint
-${chainIdLine}
-# Optional for non-interactive runs
-# SAIL_PASSPHRASE=change-me-to-a-strong-passphrase
-`,
-    "utf-8"
-  );
-  const rpcLine = options.rpcUrl ? `RPC_URL=${options.rpcUrl}` : `# Paste your RPC endpoint here (Alchemy, Infura, or any HTTPS endpoint)
-# RPC_URL=https://your-rpc-endpoint`;
-  const chainLine = chainId != null ? `
-CHAIN_ID=${chainId}` : ``;
-  writeIfMissing2(
-    import_node_path5.default.join(sailDir2, ".env.local"),
-    `${rpcLine}${chainLine}
-
-# Optional for non-interactive runs (CI, GitHub Actions, launchd, systemd)
-# SAIL_PASSPHRASE=change-me-to-a-strong-passphrase
-`
-  );
-}
-async function initCommand(dir, options = {}) {
-  const inPlace = !dir || dir === ".";
-  const dest = inPlace ? process.cwd() : import_node_path5.default.resolve(process.cwd(), dir);
-  const name = import_node_path5.default.basename(dest);
-  const templatesDir = import_node_path5.default.join(packageRoot(), "templates");
-  const templateName = options.template ?? "default";
-  if (/[/\\.]/.test(templateName) || templateName.includes("..")) {
-    throw new Error(`Invalid template name: "${templateName}"`);
+async function accountDeployChain(options) {
+  const json = !!options.json;
+  const say = (fn) => {
+    if (!json) fn();
+  };
+  const stored = readJsonFile(sailPath("account.json"));
+  if (!stored?.safe || !stored?.owner || !stored?.manager) {
+    throw new Error(
+      "No SMA found in .sail/account.json. Run `sailor onboard --new-sma` first."
+    );
   }
-  const templateSrc = import_node_path5.default.join(templatesDir, templateName);
-  const availableTemplates = () => import_node_fs6.default.existsSync(templatesDir) ? import_node_fs6.default.readdirSync(templatesDir).filter((e) => import_node_fs6.default.existsSync(import_node_path5.default.join(templatesDir, e, "package.json"))).join(", ") || "none" : "none";
-  if (!import_node_fs6.default.existsSync(templateSrc) || !import_node_fs6.default.existsSync(import_node_path5.default.join(templateSrc, "package.json"))) {
-    const available = availableTemplates();
-    const hint = available === "none" ? `
-No templates found under ${templatesDir}.
-If you're running the in-tree CLI bundle from a monorepo checkout, the scaffolder
-couldn't locate the repo's templates/ directory. Install the published package, or
-run from the repo root.` : ` Available: ${available}`;
-    throw new Error(`Template "${templateName}" not found.${hint}`);
+  if (stored.saltNonce == null && options.salt == null) {
+    throw new Error(
+      "No saltNonce stored in .sail/account.json.\nPass --salt <n> explicitly, or re-deploy your SMA with `sailor onboard --new-sma --salt <n>`\nso the salt is recorded for cross-chain use."
+    );
   }
-  const cwd = process.cwd();
-  if (!inPlace && !dest.startsWith(cwd + import_node_path5.default.sep) && dest !== cwd) {
-    throw new Error(`Directory must be inside the current working directory`);
+  if (options.salt != null && !/^\d+$/.test(options.salt)) {
+    throw new Error(`Invalid --salt value: "${options.salt}" \u2014 must be a non-negative integer.`);
   }
-  if (!inPlace && import_node_fs6.default.existsSync(dest)) {
-    throw new Error(`Directory already exists: ${dest}`);
+  const ownerAddr = getAddress(stored.owner);
+  const managerAddr = getAddress(stored.manager);
+  const storedSafe = getAddress(stored.safe);
+  const saltNonce = options.salt != null ? BigInt(options.salt) : BigInt(stored.saltNonce);
+  if (!/^\d+$/.test(options.chain)) {
+    throw new Error(`Invalid --chain value: "${options.chain}" \u2014 must be a numeric chain ID.`);
   }
-  if (inPlace && import_node_fs6.default.existsSync(import_node_path5.default.join(dest, ".sail", "config.json"))) {
-    throw new Error(`Already initialized \u2014 .sail/config.json exists`);
+  const targetChainId = Number(options.chain);
+  if (!(targetChainId in sailDeployments)) {
+    throw new Error(
+      `Chain ${targetChainId} has no Sail Protocol deployment.
+Supported: ${Object.keys(sailDeployments).join(", ")}`
+    );
+  }
+  if (targetChainId === stored.chainId) {
+    throw new Error(
+      `Chain ${targetChainId} is already the primary chain for this SMA.
+Use a different chain ID.`
+    );
+  }
+  const allChainIds = Object.keys(sailDeployments).map(Number);
+  const rpcPreferred = allChainIds.find((cid) => getRpcUrl(cid) != null);
+  if (rpcPreferred == null) {
+    throw new Error(
+      "No RPC URL configured for any supported chain.\nSet RPC_URL or RPC_URL_<CHAIN_ID> in .sail/.env.local."
+    );
+  }
+  const proxyCreationCode = await fetchProxyCreationCode(rpcPreferred);
+  const deployment = sailDeployments[targetChainId];
+  const { initializer, predicted } = buildSmaAddressPrediction(
+    deployment,
+    ownerAddr,
+    managerAddr,
+    saltNonce,
+    proxyCreationCode
+  );
+  if (predicted.toLowerCase() !== storedSafe.toLowerCase()) {
+    const msg = `Your existing SMA (${storedSafe}) cannot be reproduced at the same address on
+chain ${targetChainId}. Predicted address: ${predicted}.
+
+Two possible causes:
+  a) Wrong --salt value. The stored deployment salt is ${stored.saltNonce ?? "unknown"}. Re-run without --salt to use it automatically.
+  b) SMA was deployed against the old per-chain contracts (pre-deterministic
+     kernel deployment). The current contracts are identical across all chains.
+
+If it is (b), deploy a new SMA with the current contracts:
+  sailor onboard --new-sma --salt ${stored.saltNonce ?? saltNonce}
+Then run deploy-chain from that account.`;
+    if (json) {
+      console.log(
+        JSON.stringify(
+          {
+            status: "error",
+            error: "old-contracts",
+            stored: storedSafe,
+            predicted,
+            targetChainId,
+            message: msg
+          },
+          null,
+          2
+        )
+      );
+      process.exit(1);
+    }
+    throw new Error(msg);
   }
-  copyDirSync(templateSrc, dest);
-  const pkgRoot = packageRoot();
-  const examplesPermSrc = import_node_path5.default.join(pkgRoot, "examples", "permissions");
-  if (import_node_fs6.default.existsSync(examplesPermSrc)) {
-    copyDirSync(examplesPermSrc, import_node_path5.default.join(dest, "examples", "permissions"));
-  }
-  const permModelSrc = import_node_path5.default.join(pkgRoot, "docs", "PERMISSION_MODEL.md");
-  if (import_node_fs6.default.existsSync(permModelSrc)) {
-    import_node_fs6.default.mkdirSync(import_node_path5.default.join(dest, "docs"), { recursive: true });
-    writeIfMissing2(import_node_path5.default.join(dest, "docs", "PERMISSION_MODEL.md"), import_node_fs6.default.readFileSync(permModelSrc, "utf-8"));
-  }
-  const pkgPath = import_node_path5.default.join(dest, "package.json");
-  if (import_node_fs6.default.existsSync(pkgPath)) {
-    const pkg = JSON.parse(import_node_fs6.default.readFileSync(pkgPath, "utf-8"));
-    pkg.name = name;
-    const deps = pkg.dependencies ?? {};
-    if (deps["@sail/sdk"] === "workspace:*") {
-      const sdkPath = import_node_path5.default.join(pkgRoot, "packages", "sdk");
-      deps["@sail/sdk"] = import_node_fs6.default.existsSync(sdkPath) ? `file:${sdkPath}` : (
-        // Fallback: SDK not bundled — user must install it manually.
-        "0.1.0"
+  const targetClient = createPublicClient({
+    chain: getChainById(targetChainId),
+    transport: http(getRpcUrl(targetChainId) ?? void 0)
+  });
+  const alreadyRecorded = (stored.deployedChains ?? []).includes(targetChainId);
+  if (alreadyRecorded) {
+    say(() => console.log(`
+Chain ${targetChainId} is already recorded as deployed \u2014 verifying on-chain\u2026`));
+  }
+  const existingCode = await targetClient.getCode({ address: predicted });
+  if (existingCode && existingCode !== "0x") {
+    say(() => console.log(`SMA confirmed at ${predicted} on chain ${targetChainId}.`));
+    if (!alreadyRecorded) recordDeployedChain(stored, targetChainId);
+    if (json) {
+      console.log(
+        JSON.stringify({ status: "ok", alreadyDeployed: true, address: predicted, chainId: targetChainId }, null, 2)
       );
     }
-    pkg.dependencies = deps;
-    import_node_fs6.default.writeFileSync(pkgPath, `${JSON.stringify(pkg, null, 2)}
-`);
+    return;
   }
-  scaffoldProjectWorkspace(dest, name, options);
-  scaffoldFoundryWorkspace(dest);
-  printWelcome(
-    dest,
-    name,
-    inPlace,
-    !!options.rpcUrl,
-    /* freshInit */
-    true
+  say(
+    () => console.log(
+      `
+Deploying SMA on ${getChainById(targetChainId).name} (chain ${targetChainId})\u2026`
+    )
   );
-}
-function chainLabel(chainId) {
-  const labels = {
-    8453: "Base",
-    42161: "Arbitrum",
-    84532: "Base Sepolia",
-    130: "Unichain"
-  };
-  return labels[chainId] ?? `Chain ${chainId}`;
-}
-function detectState(dest) {
+  say(() => console.log(`  Predicted address: ${predicted}`));
+  const createAccountData = encodeFunctionData({
+    abi: SailKernelAbi,
+    functionName: "createAccount",
+    args: [
+      SAFE_V141.proxyFactory,
+      SAFE_V141.singletonL2,
+      initializer,
+      saltNonce,
+      ownerAddr,
+      // permissionSigner = owner (same as original deployment)
+      managerAddr,
+      // manager = agent wallet
+      deployment.standardFeePolicy,
+      zeroAddress
+      // feeAsset (native)
+    ]
+  });
+  const channel = await createSigningChannel(process.cwd());
   try {
-    const configRaw = import_node_fs6.default.readFileSync(import_node_path5.default.join(dest, ".sail", "config.json"), "utf-8");
-    const config = JSON.parse(configRaw);
-    const projectName = config.name ?? import_node_path5.default.basename(dest);
-    const accountPath = import_node_path5.default.join(dest, ".sail", "account.json");
-    if (!import_node_fs6.default.existsSync(accountPath)) {
-      return { kind: "B", projectName, chain: chainLabel(config.chainId ?? 0) };
+    await channel.start();
+    const stationUrl = `http://localhost:${projectPort(process.cwd())}/#/station`;
+    if (json) {
+      console.log(
+        JSON.stringify(
+          { status: "waiting_for_signature", url: stationUrl, chainId: targetChainId },
+          null,
+          2
+        )
+      );
+    } else {
+      console.log(
+        `
+\u2192 Open the Sailor dashboard and switch your wallet to ${getChainById(targetChainId).name}:
+  ${stationUrl}
+`
+      );
     }
-    const accountRaw = import_node_fs6.default.readFileSync(accountPath, "utf-8");
-    const account2 = JSON.parse(accountRaw);
-    const sma = account2.safe ?? "";
-    const chain2 = chainLabel(account2.chainId ?? config.chainId ?? 0);
-    let permissionCount = 0;
-    try {
-      const mandatesRaw = import_node_fs6.default.readFileSync(
-        import_node_path5.default.join(dest, ".sail", "state", "mandates.json"),
-        "utf-8"
+    say(() => console.log("Pushing signing request\u2026"));
+    const response = await channel.requestSignature({
+      type: "transaction",
+      kind: "create-sma",
+      title: `Deploy SMA on ${getChainById(targetChainId).name}`,
+      description: `Deploy the same SMA at ${predicted} on ${getChainById(targetChainId).name}. Switch your wallet to chain ${targetChainId} before signing.`,
+      chainId: targetChainId,
+      to: deployment.kernel,
+      data: createAccountData,
+      details: [
+        { label: "Owner", value: ownerAddr },
+        { label: "Agent wallet", value: managerAddr },
+        { label: "Predicted address", value: predicted },
+        { label: "Fee policy", value: deployment.standardFeePolicy },
+        { label: "Salt", value: saltNonce.toString() }
+      ]
+    });
+    if (response.status === "rejected") {
+      throw new Error(`User rejected deployment: ${response.reason ?? "no reason given"}`);
+    }
+    if (response.status !== "signed") {
+      throw new Error("Unexpected response from signing UI");
+    }
+    say(() => console.log("Waiting for transaction confirmation\u2026"));
+    const receipt = await targetClient.waitForTransactionReceipt({ hash: response.txHash });
+    const logs = parseEventLogs({ abi: SailKernelAbi, logs: receipt.logs });
+    const registered = logs.find(
+      (l) => l.eventName === "AccountRegistered"
+    );
+    if (!registered) {
+      throw new Error(
+        `AccountRegistered event not found in receipt (tx ${response.txHash}) \u2014 transaction may have failed or was sent to the wrong contract.`
       );
-      const mandates = JSON.parse(mandatesRaw);
-      permissionCount = Array.isArray(mandates.mandates) ? mandates.mandates.length : 0;
-    } catch {
     }
-    if (permissionCount > 0) {
-      return { kind: "D", projectName, chain: chain2, sma, permissionCount };
+    const deployedAddress = registered.args.account;
+    if (deployedAddress.toLowerCase() !== predicted.toLowerCase()) {
+      throw new Error(
+        `Deployed address mismatch: predicted ${predicted}, got ${deployedAddress}.
+Please report this as a bug \u2014 this should not happen with deterministic contracts.`
+      );
     }
-    return { kind: "C", projectName, chain: chain2, sma };
-  } catch {
-    return { kind: "A" };
+    recordDeployedChain(stored, targetChainId);
+    appendActivity({
+      ts: nowIso(),
+      actor: "owner",
+      type: "sma_deployed_chain",
+      sma: deployedAddress,
+      owner: ownerAddr,
+      manager: managerAddr,
+      txHash: response.txHash,
+      chainId: targetChainId,
+      saltNonce: saltNonce.toString()
+    });
+    say(() => {
+      console.log(`
+${"\u2500".repeat(56)}`);
+      console.log("\u2713 SMA deployed on additional chain!");
+      console.log(`  Address: ${deployedAddress}`);
+      console.log(`  Chain:   ${getChainById(targetChainId).name} (${targetChainId})`);
+      console.log(`  Tx:      ${response.txHash}`);
+      console.log("\u2500".repeat(56));
+    });
+    if (json) {
+      console.log(
+        JSON.stringify(
+          {
+            status: "ok",
+            address: deployedAddress,
+            chainId: targetChainId,
+            txHash: response.txHash
+          },
+          null,
+          2
+        )
+      );
+    }
+  } finally {
+    channel.stop();
   }
 }
-function printWelcome(dest, name, inPlace, hasRpc, freshInit = false) {
-  const state = freshInit ? { kind: "A" } : detectState(dest);
-  if (state.kind === "B") {
-    console.log("\nWelcome back.\n");
-    console.log(`Project: ${state.projectName} | Network: ${state.chain}`);
-    console.log("Status: SMA not yet deployed.\n");
-    console.log("Next:");
-    console.log("  sailor ui start");
-    console.log("  Connect your wallet and deploy your SMA in the browser.\n");
-    console.log('Or open this folder in your AI coding assistant and say: "continue"');
-    return;
-  }
-  if (state.kind === "C") {
-    console.log("\nWelcome back.\n");
-    console.log(`Project: ${state.projectName}`);
-    console.log(`SMA: ${state.sma} on ${state.chain}`);
-    console.log(
-      "Permissions: none registered yet \u2014 your agent has no mandate to execute against.\n"
-    );
-    console.log("Next:");
-    console.log(
-      "  Write your permission contract in mandates/ (start from BoundedCallPermission.sol)"
-    );
-    console.log("  forge build");
-    console.log(`  sailor mandate deploy --contract <Name> --attach --sma ${state.sma}
-`);
-    console.log('Or open this folder in your AI coding assistant and say: "continue"');
-    return;
-  }
-  if (state.kind === "D") {
-    console.log("\nWelcome back.\n");
-    console.log(`Project: ${state.projectName}`);
-    console.log(`SMA: ${state.sma} on ${state.chain}`);
-    console.log(`Permissions: ${state.permissionCount} registered
-`);
-    console.log('Open this folder in your AI coding assistant and say: "continue"');
-    return;
+function buildSmaAddressPrediction(deployment, ownerAddr, managerAddr, saltNonce, proxyCreationCode) {
+  const initializer = buildSafeSetupInitializer({
+    owners: [ownerAddr],
+    threshold: 1n,
+    kernel: deployment.kernel,
+    safeModuleEnabler: deployment.safeModuleEnabler
+  });
+  const predicted = computeSailSmaAddress({
+    initializer,
+    saltNonce,
+    deployer: ownerAddr,
+    permissionSigner: ownerAddr,
+    manager: managerAddr,
+    feePolicy: deployment.standardFeePolicy,
+    proxyCreationCode
+  });
+  return { initializer, predicted };
+}
+function recordDeployedChain(stored, chainId) {
+  const existing = Array.from(/* @__PURE__ */ new Set([stored.chainId, ...stored.deployedChains ?? []]));
+  if (!existing.includes(chainId)) {
+    existing.push(chainId);
+    existing.sort((a, b) => a - b);
   }
-  if (!inPlace) console.log(`
-Created ${name}/`);
-  console.log("\nYour Sail agent project is ready. Open your AI coding assistant in this folder and say start.");
+  const updated = { ...stored, deployedChains: existing };
+  upsertAccountInList(updated);
+  writeJsonFile(sailPath("account.json"), updated);
 }
 
-// src/commands/keys.ts
-var import_node_fs7 = __toESM(require("node:fs"), 1);
-var import_node_path6 = __toESM(require("node:path"), 1);
-async function keysGenerate() {
-  const roleInput = await prompt("Which key? (agent wallet / mandate signer)", "agent wallet");
-  const role = normalizeRole(roleInput);
-  if (!role) {
-    throw new Error(`Unknown key role: "${roleInput}". Choose "agent wallet" or "mandate signer".`);
+// src/lib/output.ts
+function emit(json, human, payload) {
+  if (json) {
+    console.log(JSON.stringify(payload));
+  } else {
+    human();
   }
-  if (fileExists(keyPath(role))) {
-    const overwrite = await confirm(
-      `A ${roleLabel(role)} key already exists at .sail/keys/${role}.json. Overwrite it?`
-    );
-    if (!overwrite) {
-      console.log("Aborted \u2014 existing key left untouched.");
-      return;
+}
+
+// src/lib/project.ts
+init_esm2();
+function nonEmpty(value) {
+  return typeof value === "string" && value.trim().length > 0;
+}
+var ProjectContext = class {
+  config;
+  chainId;
+  deployment;
+  contracts;
+  constructor() {
+    const cfg = readJsonFile(sailPath("config.json"));
+    if (!cfg) {
+      throw new Error('No Sailor project found here. Run "sailor init" first.');
     }
+    this.config = cfg;
+    this.chainId = cfg.chainId ?? 8453;
+    this.deployment = getSailDeployment(this.chainId);
+    const overrides = cfg.contracts ?? {};
+    this.contracts = {
+      chainId: this.chainId,
+      kernel: getAddress(nonEmpty(overrides.kernel) ? overrides.kernel : this.deployment.kernel),
+      governance: getAddress(
+        nonEmpty(overrides.governance) ? overrides.governance : this.deployment.governance
+      ),
+      standardFeePolicy: getAddress(
+        nonEmpty(overrides.standardFeePolicy) ? overrides.standardFeePolicy : this.deployment.standardFeePolicy
+      ),
+      safeModuleEnabler: getAddress(
+        nonEmpty(overrides.safeModuleEnabler) ? overrides.safeModuleEnabler : this.deployment.safeModuleEnabler
+      ),
+      // Accept both override names: mandateFactory (new) and permissionFactory (legacy).
+      mandateFactory: getAddress(
+        nonEmpty(overrides.mandateFactory) ? overrides.mandateFactory : nonEmpty(overrides.permissionFactory) ? overrides.permissionFactory : this.deployment.mandateFactory
+      )
+    };
   }
-  const password = await promptHidden("Set a password to encrypt the key");
-  if (password.length < 8) {
-    throw new Error("Password must be at least 8 characters.");
+  static exists() {
+    return fileExists(sailPath("config.json"));
   }
-  const confirmation = await promptHidden("Confirm password");
-  if (password !== confirmation) {
-    throw new Error("Passwords do not match.");
+  get name() {
+    return this.config.name ?? "sailor-agent";
   }
-  const keyring = LocalKeyring.generate();
-  const keystore = await keyring.exportKeystore(password);
-  writeJsonFile(keyPath(role), keystore);
-  const label = role === "manager" ? "Agent wallet" : "Mandate signer";
-  console.log(`
-${label} key saved. Address: ${checksum4(keyring.address)}`);
-  console.log(`Encrypted keystore written to .sail/keys/${role}.json`);
-  if (role === "manager") {
-    const save = await confirm(
-      "\nSave passphrase to .sail/.env.local for non-interactive use? (required for CI/GitHub Actions)"
-    );
-    if (save) {
-      const envPath = sailPath(".env.local");
-      let content = "";
-      if (import_node_fs7.default.existsSync(envPath)) {
-        content = import_node_fs7.default.readFileSync(envPath, "utf-8");
-        content = content.replace(/^SAIL_PASSPHRASE=.*\n?/m, "");
-      }
-      content = content.trimEnd() + (content.length > 0 ? "\n" : "") + `SAIL_PASSPHRASE=${password}
-`;
-      import_node_fs7.default.mkdirSync(import_node_path6.default.dirname(envPath), { recursive: true });
-      import_node_fs7.default.writeFileSync(envPath, content, { mode: 384 });
-      console.log("\u2713 SAIL_PASSPHRASE saved to .sail/.env.local (mode 0600)");
-      console.log("  sailor run will now work non-interactively.");
-    } else {
-      console.log("\nTo run non-interactively, add this to .sail/.env.local:");
-      console.log(`  SAIL_PASSPHRASE=<your-passphrase>`);
+  // ── Owner persistence (.sail/state/owner.json) ──────────────────────────────
+  getOwner() {
+    const state = readJsonFile(sailPath("state", "owner.json"));
+    if (state?.owner) return getAddress(state.owner);
+    const account2 = readJsonFile(sailPath("account.json"));
+    return account2?.owner ? getAddress(account2.owner) : null;
+  }
+  setOwner(owner2) {
+    writeJsonFile(sailPath("state", "owner.json"), {
+      owner: getAddress(owner2),
+      chainId: this.chainId,
+      connectedAt: (/* @__PURE__ */ new Date()).toISOString()
+    });
+  }
+};
+async function loadManagerSigner2() {
+  if (!process.env.SAIL_PASSPHRASE) {
+    try {
+      const env = parseEnvFile(sailPath(".env.local"));
+      if (env.SAIL_PASSPHRASE) process.env.SAIL_PASSPHRASE = env.SAIL_PASSPHRASE;
+    } catch {
     }
   }
-}
-async function keysExportCi() {
-  const account2 = readJsonFile(sailPath("account.json"));
-  const src = resolveKeyPath("manager", account2?.safe);
-  if (!fileExists(src)) {
-    throw new Error(
-      'No agent wallet keystore found.\nComplete Stage 1 (browser UI) to generate your agent wallet, or run\n"sailor keys generate" and choose "agent wallet" to create one manually.'
-    );
-  }
-  const dest = import_node_path6.default.resolve(process.cwd(), "ci-keystore.json");
-  import_node_fs7.default.copyFileSync(src, dest);
-  console.log(`\u2713 Keystore copied to ci-keystore.json`);
-  console.log(`  Source: ${src}`);
-  const gitignorePath = import_node_path6.default.resolve(process.cwd(), ".gitignore");
-  if (import_node_fs7.default.existsSync(gitignorePath)) {
-    const content = import_node_fs7.default.readFileSync(gitignorePath, "utf-8");
-    if (!content.includes("ci-keystore.json")) {
-      import_node_fs7.default.appendFileSync(
-        gitignorePath,
-        "\n# CI keystore \u2014 encrypted agent wallet, safe to commit\n!ci-keystore.json\n"
-      );
-      console.log("\u2713 Added !ci-keystore.json allowlist entry to .gitignore");
-    } else {
-      console.log("\u2713 .gitignore already tracks ci-keystore.json");
+  const passphrase = process.env.SAIL_PASSPHRASE;
+  if (passphrase) {
+    const keystore = readJsonFile(keyPath("manager"));
+    if (!keystore) {
+      throw new Error('No manager key found.\nRun "sailor keys generate" and choose "manager".');
     }
+    return LocalKeyring.fromKeystore(keystore, passphrase);
   }
-  console.log("\nNext steps:");
-  console.log("  1. Add two GitHub Actions secrets (Settings \u2192 Secrets \u2192 Actions):");
-  console.log("       SAIL_PASSPHRASE \u2014 the passphrase that encrypts your agent wallet");
-  console.log("       RPC_URL         \u2014 your RPC endpoint");
-  console.log("  2. Commit and push ci-keystore.json:");
-  console.log('       git add ci-keystore.json && git commit -m "chore: add CI keystore" && git push');
-  console.log("\n  The keystore is encrypted \u2014 the raw private key is never exposed.");
-  console.log("  The workflow at .github/workflows/agent-tick.yml unlocks it with SAIL_PASSPHRASE.");
+  return loadKeyring("manager");
 }
-async function keysShow() {
-  const present = ROLES.filter((role) => keyExists(role));
-  if (present.length === 0) {
-    console.log("No keys found in .sail/keys/.");
-    console.log('Run "sailor keys generate" to create one.');
-    return;
+
+// src/commands/capabilities.ts
+function chainName(chainId) {
+  try {
+    return getChainById(chainId).name;
+  } catch {
+    return `Chain ${chainId}`;
   }
-  console.log("Keys in .sail/keys/:\n");
-  for (const role of present) {
-    try {
-      const keyring = await loadKeyring(role);
-      console.log(`  ${roleLabel(role)}: ${checksum4(keyring.address)}`);
-    } catch (err) {
-      console.log(`  ${role}: ${err.message}`);
-    }
+}
+async function capabilities(options = {}) {
+  const project = new ProjectContext();
+  const chainId = project.chainId;
+  const kernel = project.contracts.kernel;
+  const deployment = getSailDeployment(chainId);
+  const rpcUrl = getRpcUrl(chainId) ?? getChainById(chainId).rpcUrls.default.http[0];
+  let dispatchModel = deployment.dispatchModel;
+  let modelSource = "static-hint";
+  try {
+    const caps = await new SailorClient({ chainId, rpcUrl, kernel }).capabilities();
+    dispatchModel = caps.dispatchModel;
+    modelSource = caps.source;
+  } catch {
   }
+  const cloneTemplates = (deployment.cloneTemplates ?? []).map((t) => ({
+    key: t.key,
+    kind: t.kind,
+    label: t.label,
+    description: t.description,
+    address: t.address,
+    initParams: t.initParams
+  }));
+  const knownTemplates = (deployment.knownTemplates ?? []).map((t) => ({
+    kind: t.kind,
+    label: t.label,
+    description: t.description,
+    address: t.address
+  }));
+  const bareTemplates = Object.keys(deployment.standaloneTemplates ?? {}).filter(
+    (k) => !cloneTemplates.some((c) => c.key === k)
+  );
+  const strategyPrimitives = [
+    "strategy.swap \u2014 bounded swap (one-off, or looped on a schedule for DCA/rebalance)",
+    "dispatch.single \u2014 a single permitted call through the kernel",
+    dispatchModel === "selective" ? "dispatch.batch / dispatch.preview \u2014 multi-call (selective kernels only)" : "dispatch.batch / dispatch.preview \u2014 UNAVAILABLE on this conjunctive kernel"
+  ];
+  const payload = {
+    chainId,
+    chainName: chainName(chainId),
+    supported: true,
+    dispatchModel,
+    dispatchModelSource: modelSource,
+    contracts: {
+      kernel,
+      mandateFactory: project.contracts.mandateFactory
+    },
+    supportedChains: Object.keys(sailDeployments).map((id) => ({
+      chainId: Number(id),
+      name: chainName(Number(id)),
+      dispatchModel: sailDeployments[id].dispatchModel
+    })),
+    mandateTemplates: {
+      // No-Solidity, self-describing clone templates (deployAndAttach + initialize).
+      cloneTemplates,
+      // Pre-deployed shared permissions.
+      knownTemplates,
+      // Deployable clone logic without rich wizard metadata yet.
+      otherStandaloneTemplates: bareTemplates
+    },
+    strategyPrimitives,
+    customMandates: "Author a Foundry IPermission contract under mandates/ when no template fits; keep all policy parameters constructor-configured.",
+    intelligence: {
+      baseUrl: SAIL_INTELLIGENCE_BASE_URL,
+      docsUrl: SAIL_INTELLIGENCE_DOCS_URL,
+      use: "Vault screening, allocation, and rebalance advice for yield strategies."
+    }
+  };
+  emit(
+    options.json,
+    () => {
+      console.log("Sailor capabilities");
+      console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
+      console.log(`Chain:          ${payload.chainName} (${chainId})`);
+      console.log(`Dispatch model: ${dispatchModel ?? "unknown"}  (${modelSource})`);
+      console.log(
+        `Supported chains: ${payload.supportedChains.map((c) => `${c.name} [${c.dispatchModel}]`).join(", ")}`
+      );
+      console.log("\nNo-Solidity mandate templates on this chain:");
+      if (cloneTemplates.length === 0 && knownTemplates.length === 0 && bareTemplates.length === 0) {
+        console.log("  (none registered for this chain yet \u2014 author a custom mandate)");
+      }
+      for (const t of cloneTemplates) {
+        console.log(`  \u2022 ${t.label} (${t.kind}) \u2014 ${t.description ?? ""}`);
+        console.log(`      params: ${t.initParams.map((p) => `${p.name}: ${p.type}`).join(", ")}`);
+      }
+      for (const t of knownTemplates) {
+        console.log(`  \u2022 ${t.label} (${t.kind}, shared) \u2014 ${t.description ?? ""}`);
+      }
+      if (bareTemplates.length > 0) {
+        console.log(`  \u2022 also deployable: ${bareTemplates.join(", ")}`);
+      }
+      console.log("\nStrategy primitives:");
+      for (const p of strategyPrimitives) console.log(`  \u2022 ${p}`);
+      console.log("\nCustom mandates:");
+      console.log(`  ${payload.customMandates}`);
+      console.log("\nIntelligence API (yield/allocation advice):");
+      console.log(`  ${SAIL_INTELLIGENCE_BASE_URL}  (docs: ${SAIL_INTELLIGENCE_DOCS_URL})`);
+      console.log(
+        "\nUse this to decide if a request is buildable. If it can't be expressed as a template, a strategy primitive, or a custom mandate, say so \u2014 don't scaffold a revert."
+      );
+    },
+    payload
+  );
 }
 
-// src/commands/mandate-contracts.ts
-var import_node_child_process = require("node:child_process");
-var import_node_fs10 = require("node:fs");
-var import_node_path9 = require("node:path");
+// src/commands/doctor.ts
 init_esm2();
 
-// src/lib/mandates.ts
-var MandateStore = class {
-  filePath;
-  constructor(filePath = sailPath("state", "mandates.json")) {
-    this.filePath = filePath;
-  }
-  read() {
-    const parsed = readJsonFile(this.filePath);
-    return { version: 1, mandates: parsed?.mandates ?? [] };
-  }
-  write(data) {
-    writeJsonFile(this.filePath, data);
+// src/lib/contract-check.ts
+async function checkContractExists(pc, address) {
+  try {
+    const code = await pc.getCode({ address });
+    return { address, hasCode: !!code && code !== "0x" };
+  } catch (err) {
+    return { address, hasCode: false, error: err.message.split("\n")[0] };
   }
-  list() {
-    return this.read().mandates;
+}
+
+// src/lib/permission-resolver.ts
+var IPERMISSION_ABI = [
+  {
+    type: "function",
+    name: "evaluate",
+    stateMutability: "view",
+    inputs: [
+      { name: "txData", type: "bytes" },
+      {
+        name: "ctx",
+        type: "tuple",
+        components: [
+          { name: "account", type: "address" },
+          { name: "manager", type: "address" },
+          { name: "submitter", type: "address" },
+          { name: "target", type: "address" },
+          { name: "selector", type: "bytes4" },
+          { name: "value", type: "uint256" },
+          { name: "blockTimestamp", type: "uint256" },
+          { name: "blockNumber", type: "uint256" }
+        ]
+      }
+    ],
+    outputs: [{ type: "bool" }]
   }
-  /** Find a tracked mandate by address (case-insensitive) or by exact name. */
-  find(addressOrName) {
-    const needle = addressOrName.toLowerCase();
-    return this.read().mandates.find(
-      (m) => m.address.toLowerCase() === needle || m.name === addressOrName
-    );
+];
+function buildPermissionContext(params) {
+  const { account: account2, manager, call: call2, blockInfo } = params;
+  const selector = call2.data.length >= 10 ? call2.data.slice(0, 10) : "0x00000000";
+  return {
+    account: account2,
+    manager,
+    submitter: manager,
+    // runner submits dispatches from the manager (agent) wallet
+    target: call2.target,
+    selector,
+    value: call2.value,
+    blockTimestamp: blockInfo.timestamp,
+    blockNumber: blockInfo.number
+  };
+}
+async function probePermissionForCall(params) {
+  const { publicClient, permission, account: account2, manager, call: call2, blockInfo } = params;
+  const ctx = buildPermissionContext({ account: account2, manager, call: call2, blockInfo });
+  try {
+    const accepted = await publicClient.readContract({
+      address: permission,
+      abi: IPERMISSION_ABI,
+      functionName: "evaluate",
+      args: [call2.data, ctx]
+    });
+    return { accepted: Boolean(accepted), reverted: false };
+  } catch (err) {
+    return { accepted: false, reverted: true, error: err.message.split("\n")[0] };
   }
-  /** Append a newly deployed mandate (replacing any prior record at the same address). */
-  add(mandate2) {
-    const data = this.read();
-    data.mandates = data.mandates.filter(
-      (m) => m.address.toLowerCase() !== mandate2.address.toLowerCase()
-    );
-    data.mandates.push(mandate2);
-    this.write(data);
+}
+async function resolvePermissionForCall(params) {
+  const { publicClient, account: account2, manager, call: call2, registeredPermissions, blockInfo } = params;
+  const ctx = buildPermissionContext({ account: account2, manager, call: call2, blockInfo });
+  for (const permission of registeredPermissions) {
+    try {
+      const accepted = await publicClient.readContract({
+        address: permission,
+        abi: IPERMISSION_ABI,
+        functionName: "evaluate",
+        args: [call2.data, ctx]
+      });
+      if (accepted) return permission;
+    } catch {
+    }
   }
-  /** Record that a tracked mandate was attached to an SMA. */
-  recordAttachment(address, attachment) {
-    const data = this.read();
-    const mandate2 = data.mandates.find((m) => m.address.toLowerCase() === address.toLowerCase());
-    if (!mandate2) return;
-    mandate2.attachments ??= [];
-    mandate2.attachments.push({ ...attachment, at: (/* @__PURE__ */ new Date()).toISOString() });
-    this.write(data);
+  return void 0;
+}
+async function resolvePermissionForBatch(params) {
+  const { publicClient, kernel, account: account2, calls, registeredPermissions } = params;
+  for (const permission of registeredPermissions) {
+    try {
+      const [approved] = await publicClient.readContract({
+        address: kernel,
+        abi: SailKernelAbi,
+        functionName: "previewBatch",
+        args: [account2, permission, calls]
+      });
+      if (approved) return permission;
+    } catch {
+    }
   }
-};
-
-// src/signing/client.ts
-var import_node_fs9 = require("node:fs");
-var import_node_path8 = require("node:path");
-
-// src/signing/server.ts
-var import_node_crypto2 = require("node:crypto");
-var import_node_fs8 = require("node:fs");
-var import_node_http = require("node:http");
-var import_node_net = require("node:net");
-var import_node_path7 = require("node:path");
-
-// ../../node_modules/.pnpm/ws@8.21.0_bufferutil@4.1.0_utf-8-validate@5.0.10/node_modules/ws/wrapper.mjs
-var import_stream2 = __toESM(require_stream2(), 1);
-var import_extension2 = __toESM(require_extension2(), 1);
-var import_permessage_deflate2 = __toESM(require_permessage_deflate2(), 1);
-var import_receiver2 = __toESM(require_receiver2(), 1);
-var import_sender2 = __toESM(require_sender2(), 1);
-var import_subprotocol2 = __toESM(require_subprotocol2(), 1);
-var import_websocket2 = __toESM(require_websocket2(), 1);
-var import_websocket_server2 = __toESM(require_websocket_server2(), 1);
+  return void 0;
+}
 
-// src/signing/server.ts
-var DEFAULT_SIGNING_PORT = 3141;
-var RUNTIME_SUBDIR = (0, import_node_path7.join)(".sail", "runtime");
-var SERVER_STATE_FILE = "server.json";
-var REQUEST_SECRET_HEADER = "x-sailor-secret";
-var MIME = {
-  ".html": "text/html; charset=utf-8",
-  ".js": "application/javascript",
-  ".mjs": "application/javascript",
-  ".css": "text/css",
-  ".svg": "image/svg+xml",
-  ".png": "image/png",
-  ".ico": "image/x-icon",
-  ".json": "application/json",
-  ".woff": "font/woff",
-  ".woff2": "font/woff2"
-};
-function findUiDist() {
-  const candidates = [
-    // Installed package (any scope): walk up to package root via bin.sailor marker
-    (0, import_node_path7.join)(packageRoot(), "packages", "ui", "dist"),
-    // Monorepo dev via tsx run from the repo root
-    (0, import_node_path7.join)(process.cwd(), "packages", "ui", "dist"),
-    (0, import_node_path7.join)(process.cwd(), "..", "ui", "dist")
-  ];
-  for (const c of candidates) {
-    if ((0, import_node_fs8.existsSync)((0, import_node_path7.join)(c, "index.html"))) return c;
+// src/commands/doctor.ts
+var LOW_GAS_THRESHOLD_WEI = 500000000000000n;
+async function nativeBalance(pc, address) {
+  const wei = await pc.getBalance({ address });
+  return {
+    address,
+    wei: wei.toString(),
+    eth: formatEther(wei),
+    funded: wei > 0n,
+    low: wei > 0n && wei < LOW_GAS_THRESHOLD_WEI
+  };
+}
+function keystoreAddress(role, safe) {
+  const ks = readJsonFile(resolveKeyPath(role, safe));
+  return ks?.address ? getAddress(`0x${ks.address.replace(/^0x/, "")}`) : null;
+}
+var PROBE_TARGET = "0x000000000000000000000000000000000000dEaD";
+var PROBE_SELECTOR = "0xffffffff";
+var PROBE_DATA = "0xffffffff";
+async function probePassThrough(pc, permission, account2) {
+  try {
+    const ok = await pc.readContract({
+      address: permission,
+      abi: IPERMISSION_ABI,
+      functionName: "evaluate",
+      args: [
+        PROBE_DATA,
+        {
+          account: account2,
+          manager: account2,
+          submitter: account2,
+          target: PROBE_TARGET,
+          selector: PROBE_SELECTOR,
+          value: 0n,
+          blockTimestamp: 0n,
+          blockNumber: 0n
+        }
+      ]
+    });
+    return { permission, passesThrough: ok };
+  } catch (err) {
+    return {
+      permission,
+      passesThrough: false,
+      note: `evaluate reverted (${err.message.split("\n")[0]})`
+    };
   }
-  return null;
 }
-var RESULT_LONGPOLL_MS = 25e3;
-var SigningServer = class {
-  /** This channel owns the server in-process (see SigningChannel). */
-  remote = false;
-  projectRoot;
-  runtimeDir;
-  port;
-  _url = "";
-  pending = /* @__PURE__ */ new Map();
-  results = /* @__PURE__ */ new Map();
-  resultWaiters = /* @__PURE__ */ new Map();
-  clients = /* @__PURE__ */ new Set();
-  httpServer = null;
-  wss = null;
-  _connectedWallet;
-  walletListeners = [];
-  uiDist;
-  /**
-   * Whether to publish .sail/runtime/server.json (the daemon-discovery hint).
-   * The persistent daemon (`sailor station start`) advertises; ephemeral
-   * per-command servers do not, so they never clobber a running daemon's state
-   * on a discovery race. The browser UI finds servers by port-probing anyway.
-   */
-  advertise;
-  /** Random secret generated at startup. Required on POST /requests to prevent
-   *  cross-origin pages from injecting signing requests. */
-  requestSecret = "";
-  constructor(opts = {}) {
-    this.projectRoot = opts.projectRoot ?? process.cwd();
-    this.runtimeDir = (0, import_node_path7.join)(this.projectRoot, RUNTIME_SUBDIR);
-    this.port = opts.port ?? DEFAULT_SIGNING_PORT;
-    this.uiDist = opts.uiDist ?? findUiDist();
-    this.advertise = opts.advertise ?? true;
+async function doctor(options = {}) {
+  const project = new ProjectContext();
+  const chainId = project.chainId;
+  const kernel = project.contracts.kernel;
+  const rpcUrl = getRpcUrl(chainId) ?? getChainById(chainId).rpcUrls.default.http[0];
+  const client = new SailorClient({ chainId, rpcUrl, kernel });
+  const pc = createPublicClient({ chain: getChainById(chainId), transport: http(rpcUrl) });
+  const caps = await client.capabilities();
+  const stored = readJsonFile(sailPath("account.json"));
+  const safe = options.account ? getAddress(options.account) : stored?.safe ? getAddress(stored.safe) : null;
+  let permissions = [];
+  let checks = [];
+  let permsNoCode = [];
+  if (safe) {
+    const mandates = await client.mandate.list(safe);
+    permissions = mandates.map((m) => getAddress(m.permission));
+    if (permissions.length > 0) {
+      const codeChecks = await Promise.all(permissions.map((p) => checkContractExists(pc, p)));
+      permsNoCode = codeChecks.filter((c) => !c.hasCode && !c.error).map((c) => c.address);
+    }
+    if (caps.dispatchModel === "conjunctive" && permissions.length > 0) {
+      checks = await Promise.all(permissions.map((p) => probePassThrough(pc, p, safe)));
+    }
   }
-  get url() {
-    return this._url;
+  const bricking = checks.filter((c) => c.passesThrough === false);
+  const healthy = safe !== null && bricking.length === 0;
+  const ownerAddr = stored?.owner ? getAddress(stored.owner) : project.getOwner();
+  const managerAddr = stored?.manager ? getAddress(stored.manager) : keystoreAddress("manager", stored?.safe);
+  let chainIdOnChain = null;
+  try {
+    chainIdOnChain = await pc.getChainId();
+  } catch {
   }
-  get wsUrl() {
-    return this._url.replace("http://", "ws://");
+  const chainIdMatches = chainIdOnChain === null ? null : chainIdOnChain === chainId;
+  let ownerBal = null;
+  let managerBal = null;
+  try {
+    if (ownerAddr) ownerBal = await nativeBalance(pc, ownerAddr);
+    if (managerAddr) managerBal = await nativeBalance(pc, managerAddr);
+  } catch {
   }
-  get isRunning() {
-    return this.httpServer?.listening ?? false;
+  if (options.json) {
+    console.log(
+      JSON.stringify(
+        {
+          chainId,
+          kernel,
+          dispatchModel: caps.dispatchModel,
+          dispatchTypehash: caps.dispatchTypehash,
+          capabilitySource: caps.source,
+          rpc: { chainIdOnChain, chainIdMatches },
+          wallet: {
+            owner: ownerAddr ? { address: ownerAddr, ...ownerBal ?? {} } : null,
+            manager: managerAddr ? { address: managerAddr, ...managerBal ?? {} } : null
+          },
+          account: safe,
+          saltNonce: stored?.saltNonce ?? null,
+          permissions,
+          permissionsWithoutCode: permsNoCode,
+          conjunctivePassThrough: caps.dispatchModel === "conjunctive" ? checks.map((c) => ({
+            permission: c.permission,
+            passesThrough: c.passesThrough,
+            note: c.note
+          })) : "n/a (selective kernel)",
+          healthy
+        },
+        null,
+        2
+      )
+    );
+    return;
   }
-  async start() {
-    this.port = await findAvailablePort(this.port);
-    this._url = `http://localhost:${this.port}`;
-    this.requestSecret = (0, import_node_crypto2.randomBytes)(16).toString("hex");
-    const http2 = (0, import_node_http.createServer)((req, res) => this.handleHttp(req, res));
-    this.wss = new import_websocket_server2.default({ server: http2 });
-    this.wss.on("connection", (ws, req) => {
-      const params = new URL(req.url ?? "/", this._url).searchParams;
-      if (params.get("secret") !== this.requestSecret) {
-        ws.close(1008, "Unauthorized");
-        return;
-      }
-      this.handleConnection(ws);
-    });
-    await new Promise((res, rej) => {
-      http2.listen(this.port, "127.0.0.1", res);
-      http2.once("error", rej);
-    });
-    this.httpServer = http2;
-    if (this.advertise) this.writeRuntimeState();
-    process.once("SIGINT", () => this.stop());
-    process.once("SIGTERM", () => this.stop());
+  const multiBricking = bricking.length > 0 && permissions.length > 1;
+  if (!safe) {
+    console.log('\u2717 Setup incomplete \u2014 no SMA found. Run "sailor onboard --new-sma" to deploy one.');
+  } else if (permissions.length === 0) {
+    console.log("\u2717 Setup incomplete \u2014 no permissions registered. Your agent cannot dispatch until at least one permission is attached.");
+  } else if (multiBricking) {
+    console.log(`\u2717 Setup issue \u2014 ${bricking.length} of ${permissions.length} permissions block unrelated calls (see below).`);
+  } else {
+    console.log(
+      "\u2713 Everything looks good \u2014 your SMA is deployed, your permission is registered,\n  and your agent is authorized to dispatch."
+    );
   }
-  stop() {
-    for (const [id, entry] of this.pending) {
-      clearTimeout(entry.timer);
-      this.recordResult(
-        { status: "rejected", requestId: id, reason: "Signing server stopped" },
-        entry.request
-      );
+  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
+  console.log(`Chain:   ${chainId}`);
+  console.log(`Kernel:  ${kernel}`);
+  console.log(`  dispatch model:  ${caps.dispatchModel}  (detected via ${caps.source})`);
+  console.log(`  DISPATCH_TYPEHASH: ${caps.dispatchTypehash}`);
+  console.log("\nWallet & gas:");
+  if (chainIdMatches === false) {
+    console.log(
+      `  \u2717 RPC serves chain ${chainIdOnChain}, but the project is configured for ${chainId}. Fix RPC_URL in .sail/.env.local before doing anything.`
+    );
+  } else if (chainIdMatches === true) {
+    console.log(`  \u2713 RPC serves the configured chain (${chainId}).`);
+  }
+  const showBalance = (label, addr, bal) => {
+    if (!addr) {
+      console.log(`  ${label}: not set`);
+      return;
     }
-    this.pending.clear();
-    for (const ws of this.clients) {
-      try {
-        ws.close();
-      } catch {
-      }
+    if (!bal) {
+      console.log(`  ${label}: ${addr}  (balance unavailable)`);
+      return;
     }
-    this.clients.clear();
-    this.wss?.close();
-    this.httpServer?.close();
-    this.httpServer = null;
-    if (this.advertise) this.removeRuntimeState();
+    const flag = !bal.funded ? "\u2717 unfunded" : bal.low ? "\u26A0 low" : "\u2713";
+    console.log(`  ${label}: ${addr}  ${bal.eth} ETH  ${flag}`);
+  };
+  showBalance("owner  ", ownerAddr, ownerBal);
+  showBalance("manager", managerAddr, managerBal);
+  if (managerBal && !managerBal.funded) {
+    console.log(
+      '  \u2192 The manager (agent) pays gas. Fund it before "sailor run" or dispatches fail.'
+    );
   }
-  get connectedWallet() {
-    return this._connectedWallet;
+  if (!safe) {
+    console.log('\nAccount: none found. Run "sailor onboard --new-sma", or pass --account <addr>.');
+    console.log("Skipping permission checks.");
+    return;
   }
-  /**
-   * Resolves as soon as a wallet connects (or immediately if one already is).
-   * The CLI calls this before building calldata that needs the owner's address.
-   */
-  waitForWallet(timeoutMs = 5 * 60 * 1e3) {
-    if (this._connectedWallet) return Promise.resolve(this._connectedWallet);
-    return new Promise((res, rej) => {
-      const timer = setTimeout(
-        () => rej(new Error("Timed out waiting for wallet connection in the signing UI")),
-        timeoutMs
-      );
-      this.walletListeners.push((addr) => {
-        clearTimeout(timer);
-        res(addr);
+  console.log(`Account: ${safe}`);
+  if (stored?.saltNonce != null) {
+    const saltNonce = BigInt(stored.saltNonce);
+    const MAINNET_CHAINS = [1, 8453, 42161, 130];
+    try {
+      const proxyCreationCode = await pc.readContract({
+        address: SAFE_V141.proxyFactory,
+        abi: safeProxyFactoryAbi,
+        functionName: "proxyCreationCode"
       });
-    });
-  }
-  /**
-   * Enqueue a signing request and broadcast it to the UI. Returns the full
-   * request (with generated id). Used by both the in-process path and the HTTP
-   * control plane (POST /requests).
-   */
-  enqueue(req, timeoutMs = 10 * 60 * 1e3) {
-    const id = `req_${Date.now()}_${(0, import_node_crypto2.randomBytes)(6).toString("hex")}`;
-    const request = { ...req, id, createdAt: Date.now() };
-    const timer = setTimeout(() => {
-      if (this.pending.has(id)) {
-        this.pending.delete(id);
-        this.recordResult(
-          {
-            status: "rejected",
-            requestId: id,
-            reason: `timed out after ${timeoutMs / 1e3}s`
-          },
-          request
+      const ownerAddr2 = stored.owner ? getAddress(stored.owner) : null;
+      const managerAddr2 = stored.manager ? getAddress(stored.manager) : null;
+      if (ownerAddr2 && managerAddr2) {
+        console.log(
+          `
+Multi-chain addresses (salt ${saltNonce}, owner ${ownerAddr2}, manager ${managerAddr2}):`
         );
+        const CHAIN_NAMES = { 1: "Ethereum", 8453: "Base", 42161: "Arbitrum", 130: "Unichain" };
+        const deployedChains = /* @__PURE__ */ new Set([
+          stored.chainId,
+          ...stored.deployedChains ?? []
+        ]);
+        const predictions = [];
+        for (const cid of MAINNET_CHAINS) {
+          const dep = sailDeployments[cid];
+          const { predicted } = buildSmaAddressPrediction(
+            dep,
+            ownerAddr2,
+            managerAddr2,
+            saltNonce,
+            proxyCreationCode
+          );
+          predictions.push(predicted.toLowerCase());
+          const isPrimary = cid === stored.chainId && predicted.toLowerCase() === stored.safe.toLowerCase() && (safe == null || safe.toLowerCase() === stored.safe.toLowerCase());
+          const isRecorded = deployedChains.has(cid);
+          const label = isPrimary ? "deployed (this account)" : isRecorded ? `${predicted}  \u2713 deployed (recorded)` : predicted;
+          console.log(`  ${CHAIN_NAMES[cid].padEnd(12)} (${cid}):  ${label}`);
+        }
+        if (new Set(predictions).size === 1) {
+          console.log("  \u2713 Same address on all chains \u2014 cross-chain SMA deployment is live.");
+        } else {
+          console.log('  \u26A0  Addresses differ per chain. Run "sailor account predict" for details.');
+        }
       }
-    }, timeoutMs);
-    this.pending.set(id, { request, timer });
-    this.broadcast({ type: "request", request });
-    return request;
+    } catch {
+    }
+  } else if (stored) {
+    console.log(
+      "\nMulti-chain addresses: saltNonce not stored (deployed before salt tracking)."
+    );
+    console.log("  To enable: re-deploy with sailor onboard --new-sma --salt 0");
   }
-  /**
-   * Resolve once a result for `id` is available (immediately if already
-   * resolved). Resolves to `null` if `timeoutMs` elapses first.
-   */
-  waitForResult(id, timeoutMs) {
-    const existing = this.results.get(id);
-    if (existing) return Promise.resolve(existing);
-    return new Promise((res) => {
-      const timer = setTimeout(() => {
-        this.resultWaiters.get(id)?.delete(waiter);
-        res(null);
-      }, timeoutMs);
-      const waiter = (r) => {
-        clearTimeout(timer);
-        res(r);
-      };
-      if (!this.resultWaiters.has(id)) this.resultWaiters.set(id, /* @__PURE__ */ new Set());
-      this.resultWaiters.get(id)?.add(waiter);
-    });
+  if (permissions.length === 0) {
+    console.log(
+      "\n\u26A0 No permissions registered \u2014 every dispatch will be denied (NoPermissionsRegistered)."
+    );
+    console.log('  Register at least one with "sailor mandate attach".');
+    return;
   }
-  /** Push a signing request to the UI and await the user's response (in-process). */
-  async requestSignature(req, timeoutMs = 10 * 60 * 1e3) {
-    const request = this.enqueue(req, timeoutMs);
-    const result = await this.waitForResult(request.id, timeoutMs + 2e3);
-    if (!result) {
-      throw new Error(`Signing request "${request.title}" timed out after ${timeoutMs / 1e3}s`);
+  console.log(`
+Registered permissions (${permissions.length}):`);
+  if (permsNoCode.length > 0) {
+    console.log(
+      `
+\u26A0 ${permsNoCode.length} registered permission(s) have NO contract code on chain ${chainId} \u2014 dispatches naming them will fail. Verify the address (wrong chain?) or revoke:`
+    );
+    permsNoCode.forEach((p) => console.log(`    ${p}`));
+  }
+  if (caps.dispatchModel === "selective") {
+    permissions.forEach((p, i) => console.log(`  ${i + 1}. ${p}`));
+    console.log("\nEach dispatch names one permission, so pass-through is not required.");
+    return;
+  }
+  for (let i = 0; i < checks.length; i++) {
+    const c = checks[i];
+    const mark = c.passesThrough ? "\u2713 pass-through" : "\u2717 NOT pass-through";
+    console.log(`  ${i + 1}. ${c.permission}  ${mark}${c.note ? `  (${c.note})` : ""}`);
+  }
+  if (multiBricking) {
+    console.log(
+      `
+\u2717 ${bricking.length} permission(s) return false for unrelated calls. On this kernel EVERY registered permission must approve EVERY call, so these BRICK all dispatches (they surface as PermissionDenied). Revoke or replace them with pass-through versions:`
+    );
+    bricking.forEach((c) => console.log(`    ${c.permission}`));
+  } else if (permissions.length > 1) {
+    console.log("\n\u2713 All permissions pass through unrelated calls \u2014 dispatch will not be bricked.");
+  }
+  console.log(`
+Probe is heuristic: an unknown selector (${PROBE_SELECTOR}) to a neutral target (${PROBE_TARGET}).`);
+}
+
+// src/commands/init.ts
+var import_node_fs8 = __toESM(require("node:fs"), 1);
+var import_node_path7 = __toESM(require("node:path"), 1);
+
+// src/lib/foundry.ts
+var import_node_fs7 = require("node:fs");
+var import_node_path6 = require("node:path");
+var FOUNDRY_TOML = `[profile.default]
+src = "mandates"
+out = "out"
+libs = ["lib"]
+remappings = ["@sail/=.sail/contracts/"]
+solc = "0.8.26"
+optimizer = true
+optimizer_runs = 200
+# Mandates are deployed as standalone contracts and configured via their
+# constructor, then attached to a Safe with \`sailor mandate attach\`.
+`;
+var IPERMISSION_SOL = `// SPDX-License-Identifier: MIT
+pragma solidity 0.8.26;
+
+/// @notice Execution context passed to every permission on each dispatch call.
+/// @dev    Read-only snapshot of the transaction environment (staticcall).
+struct Context {
+    address account;        // the Safe whose assets are being moved
+    address manager;        // the delegated signer who submitted the dispatch
+    address submitter;      // msg.sender of the dispatch (may be a relayer)
+    address target;         // the call target
+    bytes4  selector;       // leading 4 bytes of calldata
+    uint256 value;          // native ETH forwarded (wei)
+    uint256 blockTimestamp; // block.timestamp at dispatch
+    uint256 blockNumber;    // block.number at dispatch
+}
+
+/// @title  IPermission
+/// @notice Interface every Sail permission (mandate) contract must implement.
+/// @dev    Evaluated via staticcall with a fixed gas cap; a revert or gas
+///         exhaustion is treated as \`false\`. Must not mutate state.
+interface IPermission {
+    /// @notice Decide whether a manager-submitted transaction is permitted.
+    function evaluate(bytes calldata txData, Context calldata ctx) external view returns (bool);
+
+    /// @notice Optional stable identifier for off-chain indexing/deduplication.
+    function discriminator() external view returns (bytes32);
+}
+`;
+var EXAMPLE_MANDATE_SOL = `// SPDX-License-Identifier: MIT
+pragma solidity 0.8.26;
+
+import {IPermission, Context} from "@sail/interfaces/IPermission.sol";
+
+/// @title  BoundedCallPermission
+/// @notice General-purpose IPermission primitive. Bounds the universal properties of any call:
+///         allowed targets, allowed selectors, and max ETH value. Protocol-agnostic.
+///         For calldata-parameter bounds (amount caps, recipient checks, slippage), write a
+///         protocol-specific permission \u2014 see examples/permissions/ for the pattern per protocol.
+/// @dev Deploy one instance per SMA with constructor-configured parameters.
+contract BoundedCallPermission is IPermission {
+    bytes32 private constant DISCRIMINATOR = keccak256("BoundedCallPermission");
+
+    mapping(address => bool) public isAllowedTarget;
+    mapping(bytes4 => bool) public isAllowedSelector;
+    bool public immutable SELECTOR_FILTERING;
+    uint256 public immutable MAX_VALUE;
+
+    constructor(address[] memory allowedTargets, bytes4[] memory allowedSelectors, uint256 maxValue) {
+        for (uint256 i = 0; i < allowedTargets.length; i++) isAllowedTarget[allowedTargets[i]] = true;
+        SELECTOR_FILTERING = allowedSelectors.length > 0;
+        for (uint256 i = 0; i < allowedSelectors.length; i++) isAllowedSelector[allowedSelectors[i]] = true;
+        MAX_VALUE = maxValue;
     }
-    return result;
-  }
-  recordResult(response, request) {
-    const id = response.requestId;
-    if (this.results.has(id)) return;
-    this.results.set(id, response);
-    const waiters2 = this.resultWaiters.get(id);
-    if (waiters2) {
-      for (const w of waiters2) w(response);
-      this.resultWaiters.delete(id);
+
+    function evaluate(bytes calldata, Context calldata ctx) external view returns (bool) {
+        if (!isAllowedTarget[ctx.target]) return false;
+        if (SELECTOR_FILTERING && !isAllowedSelector[ctx.selector]) return false;
+        if (ctx.value > MAX_VALUE) return false;
+        return true;
     }
-    this.broadcast({ type: "request-resolved", requestId: id });
-    setTimeout(() => this.results.delete(id), 10 * 60 * 1e3).unref?.();
-    this.logOwnerActivity(response, request);
+
+    function discriminator() external pure returns (bytes32) { return DISCRIMINATOR; }
+}
+`;
+var MANDATES_README = `# Mandates
+
+Solidity permission contracts for this Sailor project live here.
+
+A permission implements \`@sail/interfaces/IPermission.sol\` \u2014 \`evaluate(txData, ctx)\`
+returns \`true\` to permit a manager-submitted dispatch, \`false\` to block it.
+
+## Authoring + deploying
+
+1. Start from \`BoundedCallPermission.sol\` for target/selector/value gating.
+   For calldata-parameter bounds (amount caps, slippage, recipient checks),
+   decode \`txData\` with the target protocol's ABI and add bounds to \`evaluate()\`.
+   Configure all parameters in the **constructor** \u2014 the deploy flow expects a
+   single creation transaction to fully set up the permission.
+2. Compile:
+   \`\`\`bash
+   forge build
+   \`\`\`
+3. Deploy it (the owner signs the creation tx in the browser signing UI):
+   \`\`\`bash
+   sailor mandate deploy --contract BoundedCallPermission \\
+     --args '[["0xTarget1", "0xTarget2"], [], 0]'
+   \`\`\`
+   Args: (allowedTargets[], allowedSelectors[], maxValue).
+   Pass an empty selector array [] to skip selector filtering.
+   Pass 0 for maxValue to block all ETH transfers.
+4. Attach it to a Safe:
+   \`\`\`bash
+   sailor mandate attach --address 0xDeployed --sma 0xSafe
+   \`\`\`
+   (or pass \`--attach --sma 0xSafe\` to \`deploy\` to do both at once.)
+
+Compiled artifacts are written to \`out/\` and the deployed address is tracked in
+\`.sail/state/mandates.json\`.
+`;
+function scaffoldFoundryWorkspace(root) {
+  const dirs = [(0, import_node_path6.join)(root, "mandates"), (0, import_node_path6.join)(root, ".sail", "contracts", "interfaces")];
+  for (const d of dirs) {
+    if (!(0, import_node_fs7.existsSync)(d)) (0, import_node_fs7.mkdirSync)(d, { recursive: true });
   }
-  /**
-   * Append the owner's signing decision to the unified activity log. This is
-   * the single place every owner action lands — whether the request was
-   * approved (a signed tx or an off-chain EIP-712 signature) or rejected — so
-   * the dashboard's Recent Activity can show what the owner did, alongside the
-   * agent's dispatches. We only log when the originating request is known
-   * (its `kind`/`title` give the event meaning); a bare result with no request
-   * carries nothing worth showing.
-   */
-  logOwnerActivity(response, request) {
-    if (!request) return;
-    const base2 = {
-      ts: nowIso(),
-      actor: "owner",
-      kind: request.kind,
-      title: request.title,
-      chainId: request.chainId
-    };
-    let event;
-    if (response.status === "signed") {
-      event = { ...base2, type: "owner_signed", txHash: response.txHash };
-    } else if (response.status === "signature") {
-      event = { ...base2, type: "owner_signed", offchain: true };
+  writeIfMissing((0, import_node_path6.join)(root, "foundry.toml"), FOUNDRY_TOML);
+  writeIfMissing(
+    (0, import_node_path6.join)(root, ".sail", "contracts", "interfaces", "IPermission.sol"),
+    IPERMISSION_SOL
+  );
+  writeIfMissing((0, import_node_path6.join)(root, "mandates", "BoundedCallPermission.sol"), EXAMPLE_MANDATE_SOL);
+  writeIfMissing((0, import_node_path6.join)(root, "mandates", "README.md"), MANDATES_README);
+}
+function writeIfMissing(path8, content) {
+  if (!(0, import_node_fs7.existsSync)(path8)) (0, import_node_fs7.writeFileSync)(path8, content, "utf8");
+}
+
+// src/commands/init.ts
+var TEMPLATE_COPY_EXCLUDES = /* @__PURE__ */ new Set([
+  "node_modules",
+  "dist",
+  "out",
+  "cache",
+  "broadcast",
+  ".git"
+]);
+function copyDirSync(src, dest) {
+  import_node_fs8.default.mkdirSync(dest, { recursive: true });
+  for (const entry of import_node_fs8.default.readdirSync(src, { withFileTypes: true })) {
+    if (TEMPLATE_COPY_EXCLUDES.has(entry.name)) continue;
+    const srcPath = import_node_path7.default.join(src, entry.name);
+    const destName = entry.name === "_gitignore" ? ".gitignore" : entry.name;
+    const destPath = import_node_path7.default.join(dest, destName);
+    if (entry.isDirectory()) {
+      copyDirSync(srcPath, destPath);
     } else {
-      event = { ...base2, type: "owner_rejected", reason: response.reason };
-    }
-    try {
-      appendActivity(event, (0, import_node_path7.join)(this.projectRoot, ".sail"));
-    } catch {
+      import_node_fs8.default.copyFileSync(srcPath, destPath);
     }
   }
-  /** Path to `<projectRoot>/.sail/<...segments>`. */
-  sailFile(...segments) {
-    return (0, import_node_path7.join)(this.projectRoot, ".sail", ...segments);
+}
+var SAIL_WORKSPACE_README = `# Sailor Project Workspace
+
+This folder is the local workspace for one Sailor agent deployment.
+
+## Layout
+
+- \`config.json\` is the project manifest: name, chain, and state location.
+- \`keys/\` stores encrypted local signing keys. Never commit these files.
+- \`runtime/\` is for local UI and signing handoff state.
+- \`state/\` is for persistent agent state, audit logs, and tx history.
+
+AI coding agents should read the project's \`AGENTS.md\` and this folder's \`config.json\`
+before changing strategy code or running commands that touch funds.
+`;
+function writeIfMissing2(file, content) {
+  if (!import_node_fs8.default.existsSync(file)) import_node_fs8.default.writeFileSync(file, content, "utf-8");
+}
+function scaffoldProjectWorkspace(dest, name, options) {
+  const chainId = options.chain ? (() => {
+    const n = Number(options.chain);
+    if (!Number.isInteger(n) || n <= 0) throw new Error(`Invalid chain id: "${options.chain}"`);
+    return n;
+  })() : null;
+  const sailDir2 = import_node_path7.default.join(dest, ".sail");
+  import_node_fs8.default.mkdirSync(import_node_path7.default.join(sailDir2, "keys"), { recursive: true });
+  import_node_fs8.default.mkdirSync(import_node_path7.default.join(sailDir2, "runtime"), { recursive: true });
+  import_node_fs8.default.mkdirSync(import_node_path7.default.join(sailDir2, "state"), { recursive: true });
+  import_node_fs8.default.writeFileSync(
+    import_node_path7.default.join(sailDir2, "config.json"),
+    `${JSON.stringify(
+      {
+        version: 1,
+        name,
+        chainId,
+        // null = chain not yet chosen; Stage 1 will set this
+        stateDir: ".sail/state",
+        createdAt: (/* @__PURE__ */ new Date()).toISOString(),
+        contracts: {
+          kernel: "",
+          mandateFactory: ""
+        }
+      },
+      null,
+      2
+    )}
+`,
+    "utf-8"
+  );
+  writeIfMissing2(import_node_path7.default.join(sailDir2, "README.md"), SAIL_WORKSPACE_README);
+  const chainIdLine = chainId != null ? `CHAIN_ID=${chainId}
+` : `# CHAIN_ID=8453   # set after choosing your chain in Stage 1
+`;
+  import_node_fs8.default.writeFileSync(
+    import_node_path7.default.join(dest, ".env.example"),
+    `# Sailor agent environment
+RPC_URL=https://your-rpc-endpoint
+${chainIdLine}
+# Optional for non-interactive runs
+# SAIL_PASSPHRASE=change-me-to-a-strong-passphrase
+`,
+    "utf-8"
+  );
+  const rpcLine = options.rpcUrl ? `RPC_URL=${options.rpcUrl}` : `# Paste your RPC endpoint here (Alchemy, Infura, or any HTTPS endpoint)
+# RPC_URL=https://your-rpc-endpoint`;
+  const chainLine = chainId != null ? `
+CHAIN_ID=${chainId}` : ``;
+  writeIfMissing2(
+    import_node_path7.default.join(sailDir2, ".env.local"),
+    `${rpcLine}${chainLine}
+
+# Optional for non-interactive runs (CI, GitHub Actions, launchd, systemd)
+# SAIL_PASSPHRASE=change-me-to-a-strong-passphrase
+`
+  );
+}
+async function initCommand(dir, options = {}) {
+  const inPlace = !dir || dir === ".";
+  const dest = inPlace ? process.cwd() : import_node_path7.default.resolve(process.cwd(), dir);
+  const name = import_node_path7.default.basename(dest);
+  const templatesDir = import_node_path7.default.join(packageRoot(), "templates");
+  const templateName = options.template ?? "default";
+  if (/[/\\.]/.test(templateName) || templateName.includes("..")) {
+    throw new Error(`Invalid template name: "${templateName}"`);
   }
-  /** Stream a JSON file back, or a fallback body when it is missing/invalid. */
-  sendJsonFile(res, filePath, fallback2) {
-    try {
-      const raw = (0, import_node_fs8.readFileSync)(filePath, "utf-8");
-      JSON.parse(raw);
-      res.writeHead(200, { "Content-Type": "application/json" });
-      res.end(raw);
-    } catch {
-      res.writeHead(fallback2.status, { "Content-Type": "application/json" });
-      res.end(JSON.stringify(fallback2.body));
-    }
+  const templateSrc = import_node_path7.default.join(templatesDir, templateName);
+  const availableTemplates = () => import_node_fs8.default.existsSync(templatesDir) ? import_node_fs8.default.readdirSync(templatesDir).filter((e) => import_node_fs8.default.existsSync(import_node_path7.default.join(templatesDir, e, "package.json"))).join(", ") || "none" : "none";
+  if (!import_node_fs8.default.existsSync(templateSrc) || !import_node_fs8.default.existsSync(import_node_path7.default.join(templateSrc, "package.json"))) {
+    const available = availableTemplates();
+    const hint = available === "none" ? `
+No templates found under ${templatesDir}.
+If you're running the in-tree CLI bundle from a monorepo checkout, the scaffolder
+couldn't locate the repo's templates/ directory. Install the published package, or
+run from the repo root.` : ` Available: ${available}`;
+    throw new Error(`Template "${templateName}" not found.${hint}`);
   }
-  /**
-   * Persist a Safe deployed/imported from the dashboard. Mirrors the UI data
-   * server's `POST /api/account` (packages/ui/server.js): upsert the SMA into
-   * `state/accounts.json` (so the account switcher and the agent see it) BEFORE
-   * overwriting `account.json` with the new active SMA — the upsert backfills
-   * from the previously-active account.json, so writing it first would drop the
-   * prior SMA.
-   */
-  handleSaveAccount(req, res) {
-    this.readBody(req).then((body) => {
-      const parsed = body ? JSON.parse(body) : {};
-      const { safe, owner: owner2, permissionSigner, manager, chainId, createdAtBlock } = parsed;
-      if (!safe || !owner2 || !chainId) {
-        res.writeHead(400, { "Content-Type": "application/json" });
-        res.end(JSON.stringify({ error: "safe, owner, and chainId are required" }));
-        return;
-      }
-      const record = {
-        safe,
-        owner: owner2,
-        permissionSigner: permissionSigner ?? owner2,
-        manager: manager ?? owner2,
-        chainId,
-        createdAtBlock: createdAtBlock ?? "0"
-      };
-      const baseSailDir = this.sailFile();
-      upsertAccountInList(record, void 0, baseSailDir);
-      (0, import_node_fs8.mkdirSync)(baseSailDir, { recursive: true });
-      (0, import_node_fs8.writeFileSync)(this.sailFile("account.json"), `${JSON.stringify(record, null, 2)}
-`);
-      res.writeHead(200, { "Content-Type": "application/json" });
-      res.end(JSON.stringify({ ok: true }));
-    }).catch((err) => {
-      res.writeHead(500, { "Content-Type": "application/json" });
-      res.end(JSON.stringify({ error: err instanceof Error ? err.message : String(err) }));
-    });
+  const cwd = process.cwd();
+  if (!inPlace && !dest.startsWith(cwd + import_node_path7.default.sep) && dest !== cwd) {
+    throw new Error(`Directory must be inside the current working directory`);
   }
-  /** All known SMAs, annotating the currently-active one (mirrors the UI server). */
-  handleListAccounts(res) {
-    res.writeHead(200, { "Content-Type": "application/json" });
-    let active = null;
-    try {
-      active = JSON.parse((0, import_node_fs8.readFileSync)(this.sailFile("account.json"), "utf-8")).safe;
-    } catch {
-    }
-    try {
-      const accounts = JSON.parse(
-        (0, import_node_fs8.readFileSync)(this.sailFile("state", "accounts.json"), "utf-8")
-      );
-      res.end(
-        JSON.stringify(
-          accounts.map((a) => ({
-            ...a,
-            active: a.safe.toLowerCase() === active?.toLowerCase()
-          }))
-        )
+  if (!inPlace && import_node_fs8.default.existsSync(dest)) {
+    throw new Error(`Directory already exists: ${dest}`);
+  }
+  if (inPlace && import_node_fs8.default.existsSync(import_node_path7.default.join(dest, ".sail", "config.json"))) {
+    throw new Error(`Already initialized \u2014 .sail/config.json exists`);
+  }
+  copyDirSync(templateSrc, dest);
+  const pkgRoot = packageRoot();
+  const examplesPermSrc = import_node_path7.default.join(pkgRoot, "examples", "permissions");
+  if (import_node_fs8.default.existsSync(examplesPermSrc)) {
+    copyDirSync(examplesPermSrc, import_node_path7.default.join(dest, "examples", "permissions"));
+  }
+  const permModelSrc = import_node_path7.default.join(pkgRoot, "docs", "PERMISSION_MODEL.md");
+  if (import_node_fs8.default.existsSync(permModelSrc)) {
+    import_node_fs8.default.mkdirSync(import_node_path7.default.join(dest, "docs"), { recursive: true });
+    writeIfMissing2(import_node_path7.default.join(dest, "docs", "PERMISSION_MODEL.md"), import_node_fs8.default.readFileSync(permModelSrc, "utf-8"));
+  }
+  const pkgPath = import_node_path7.default.join(dest, "package.json");
+  if (import_node_fs8.default.existsSync(pkgPath)) {
+    const pkg = JSON.parse(import_node_fs8.default.readFileSync(pkgPath, "utf-8"));
+    pkg.name = name;
+    const deps = pkg.dependencies ?? {};
+    if (deps["@sail/sdk"] === "workspace:*") {
+      const sdkPath = import_node_path7.default.join(pkgRoot, "packages", "sdk");
+      deps["@sail/sdk"] = import_node_fs8.default.existsSync(sdkPath) ? `file:${sdkPath}` : (
+        // Fallback: SDK not bundled — user must install it manually.
+        "0.1.0"
       );
-    } catch {
-      try {
-        const a = JSON.parse(
-          (0, import_node_fs8.readFileSync)(this.sailFile("account.json"), "utf-8")
-        );
-        res.end(JSON.stringify([{ ...a, name: "My SMA", active: true, addedAt: null }]));
-      } catch {
-        res.end("[]");
-      }
     }
+    pkg.dependencies = deps;
+    import_node_fs8.default.writeFileSync(pkgPath, `${JSON.stringify(pkg, null, 2)}
+`);
   }
-  handleHttp(req, res) {
-    const origin = req.headers.origin;
-    const url0 = (req.url ?? "/").split("?")[0];
-    const isDiscoveryEndpoint = url0 === "/config";
-    const allowedOrigin = isDiscoveryEndpoint && origin?.startsWith("http://localhost:") ? origin : origin === this._url ? origin : this._url;
-    res.setHeader("Access-Control-Allow-Origin", allowedOrigin);
-    res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
-    res.setHeader("Access-Control-Allow-Headers", `Content-Type, ${REQUEST_SECRET_HEADER}`);
-    res.setHeader("Vary", "Origin");
-    if (req.method === "OPTIONS") {
-      res.writeHead(204);
-      res.end();
-      return;
+  scaffoldProjectWorkspace(dest, name, options);
+  scaffoldFoundryWorkspace(dest);
+  printWelcome(
+    dest,
+    name,
+    inPlace,
+    !!options.rpcUrl,
+    /* freshInit */
+    true
+  );
+}
+function chainLabel(chainId) {
+  const labels = {
+    8453: "Base",
+    42161: "Arbitrum",
+    84532: "Base Sepolia",
+    130: "Unichain"
+  };
+  return labels[chainId] ?? `Chain ${chainId}`;
+}
+function detectState(dest) {
+  try {
+    const configRaw = import_node_fs8.default.readFileSync(import_node_path7.default.join(dest, ".sail", "config.json"), "utf-8");
+    const config = JSON.parse(configRaw);
+    const projectName = config.name ?? import_node_path7.default.basename(dest);
+    const accountPath = import_node_path7.default.join(dest, ".sail", "account.json");
+    if (!import_node_fs8.default.existsSync(accountPath)) {
+      return { kind: "B", projectName, chain: chainLabel(config.chainId ?? 0) };
     }
-    const url = (req.url ?? "/").split("?")[0];
-    if (url === "/config") {
-      const isTrustedOrigin = !origin || origin === this._url;
-      const wsUrlForClient = isTrustedOrigin ? `${this.wsUrl}?secret=${encodeURIComponent(this.requestSecret)}` : this.wsUrl;
-      res.writeHead(200, { "Content-Type": "application/json" });
-      res.end(
-        JSON.stringify({
-          url: this._url,
-          wsUrl: wsUrlForClient,
-          port: this.port,
-          pid: process.pid,
-          pendingCount: this.pending.size
-        })
+    const accountRaw = import_node_fs8.default.readFileSync(accountPath, "utf-8");
+    const account2 = JSON.parse(accountRaw);
+    const sma = account2.safe ?? "";
+    const chain2 = chainLabel(account2.chainId ?? config.chainId ?? 0);
+    let permissionCount = 0;
+    try {
+      const mandatesRaw = import_node_fs8.default.readFileSync(
+        import_node_path7.default.join(dest, ".sail", "state", "mandates.json"),
+        "utf-8"
       );
-      return;
-    }
-    const secretHeader = req.headers[REQUEST_SECRET_HEADER];
-    const isAuthenticated = secretHeader === this.requestSecret;
-    if (url === "/pending") {
-      if (!isAuthenticated) {
-        res.writeHead(403, { "Content-Type": "application/json" });
-        res.end(JSON.stringify({ error: "forbidden" }));
-        return;
-      }
-      res.writeHead(200, { "Content-Type": "application/json" });
-      res.end(JSON.stringify(Array.from(this.pending.values()).map((e) => e.request)));
-      return;
-    }
-    if (url === "/wallet") {
-      if (!isAuthenticated) {
-        res.writeHead(403, { "Content-Type": "application/json" });
-        res.end(JSON.stringify({ error: "forbidden" }));
-        return;
-      }
-      res.writeHead(200, { "Content-Type": "application/json" });
-      res.end(JSON.stringify({ address: this._connectedWallet ?? null }));
-      return;
-    }
-    if (url === "/requests" && req.method === "POST") {
-      const supplied = req.headers[REQUEST_SECRET_HEADER];
-      if (supplied !== this.requestSecret) {
-        res.writeHead(403, { "Content-Type": "application/json" });
-        res.end(JSON.stringify({ error: "forbidden" }));
-        return;
-      }
-      this.readBody(req).then((body) => {
-        const parsed = JSON.parse(body);
-        if (!parsed.kind || !["create-sma", "deploy-mandate", "register-permission", "attach-mandate", "revoke-permissions", "set-delegate", "arbitrary-tx"].includes(parsed.kind)) {
-          throw new Error(`Unknown signing request kind: ${String(parsed.kind)}`);
-        }
-        const request = this.enqueue(parsed);
-        res.writeHead(200, { "Content-Type": "application/json" });
-        res.end(JSON.stringify({ id: request.id }));
-      }).catch((err) => {
-        res.writeHead(400, { "Content-Type": "application/json" });
-        res.end(JSON.stringify({ error: err instanceof Error ? err.message : String(err) }));
-      });
-      return;
-    }
-    if (url === "/api/account" && req.method === "POST") {
-      this.handleSaveAccount(req, res);
-      return;
-    }
-    if (url === "/api/account" && (req.method === "GET" || req.method == null)) {
-      this.sendJsonFile(res, (0, import_node_path7.join)(this.projectRoot, ".sail", "account.json"), {
-        status: 404,
-        body: { error: "account not found" }
-      });
-      return;
+      const mandates = JSON.parse(mandatesRaw);
+      permissionCount = Array.isArray(mandates.mandates) ? mandates.mandates.length : 0;
+    } catch {
     }
-    if (url === "/api/accounts" && (req.method === "GET" || req.method == null)) {
-      this.handleListAccounts(res);
-      return;
+    if (permissionCount > 0) {
+      return { kind: "D", projectName, chain: chain2, sma, permissionCount };
     }
-    const resultMatch = url.match(/^\/requests\/([^/]+)\/result$/);
-    if (resultMatch && (req.method === "GET" || req.method == null)) {
-      if (!isAuthenticated) {
-        res.writeHead(403, { "Content-Type": "application/json" });
-        res.end(JSON.stringify({ error: "forbidden" }));
-        return;
-      }
-      const id = decodeURIComponent(resultMatch[1]);
-      this.waitForResult(id, RESULT_LONGPOLL_MS).then((result) => {
-        if (result) {
-          res.writeHead(200, { "Content-Type": "application/json" });
-          res.end(JSON.stringify(result));
-        } else {
-          res.writeHead(204);
-          res.end();
-        }
-      });
+    return { kind: "C", projectName, chain: chain2, sma };
+  } catch {
+    return { kind: "A" };
+  }
+}
+function printWelcome(dest, name, inPlace, hasRpc, freshInit = false) {
+  const state = freshInit ? { kind: "A" } : detectState(dest);
+  if (state.kind === "B") {
+    console.log("\nWelcome back.\n");
+    console.log(`Project: ${state.projectName} | Network: ${state.chain}`);
+    console.log("Status: SMA not yet deployed.\n");
+    console.log("Next:");
+    console.log("  sailor ui start");
+    console.log("  Connect your wallet and deploy your SMA in the browser.\n");
+    console.log('Or open this folder in your AI coding assistant and say: "continue"');
+    return;
+  }
+  if (state.kind === "C") {
+    console.log("\nWelcome back.\n");
+    console.log(`Project: ${state.projectName}`);
+    console.log(`SMA: ${state.sma} on ${state.chain}`);
+    console.log(
+      "Permissions: none registered yet \u2014 your agent has no mandate to execute against.\n"
+    );
+    console.log("Next:");
+    console.log(
+      "  Write your permission contract in mandates/ (start from BoundedCallPermission.sol)"
+    );
+    console.log("  forge build");
+    console.log(`  sailor mandate deploy --contract <Name> --attach --sma ${state.sma}
+`);
+    console.log('Or open this folder in your AI coding assistant and say: "continue"');
+    return;
+  }
+  if (state.kind === "D") {
+    console.log("\nWelcome back.\n");
+    console.log(`Project: ${state.projectName}`);
+    console.log(`SMA: ${state.sma} on ${state.chain}`);
+    console.log(`Permissions: ${state.permissionCount} registered
+`);
+    console.log('Open this folder in your AI coding assistant and say: "continue"');
+    return;
+  }
+  if (!inPlace) console.log(`
+Created ${name}/`);
+  console.log("\nYour Sail agent project is ready. Open your AI coding assistant in this folder and say start.");
+}
+
+// src/commands/keys.ts
+var import_node_fs9 = __toESM(require("node:fs"), 1);
+var import_node_path8 = __toESM(require("node:path"), 1);
+async function keysGenerate() {
+  const roleInput = await prompt("Which key? (agent wallet / mandate signer)", "agent wallet");
+  const role = normalizeRole(roleInput);
+  if (!role) {
+    throw new Error(`Unknown key role: "${roleInput}". Choose "agent wallet" or "mandate signer".`);
+  }
+  if (fileExists(keyPath(role))) {
+    const overwrite = await confirm(
+      `A ${roleLabel(role)} key already exists at .sail/keys/${role}.json. Overwrite it?`
+    );
+    if (!overwrite) {
+      console.log("Aborted \u2014 existing key left untouched.");
       return;
     }
-    if (this.uiDist) {
-      const rawPath = (req.url ?? "/").split("?")[0];
-      const filePath = (0, import_node_path7.resolve)((0, import_node_path7.join)(this.uiDist, rawPath === "/" ? "index.html" : rawPath));
-      if (!filePath.startsWith((0, import_node_path7.resolve)(this.uiDist))) {
-        res.writeHead(403);
-        res.end();
-        return;
-      }
-      if ((0, import_node_fs8.existsSync)(filePath)) {
-        const mime = MIME[(0, import_node_path7.extname)(filePath)] ?? "application/octet-stream";
-        res.writeHead(200, { "Content-Type": mime });
-        res.end((0, import_node_fs8.readFileSync)(filePath));
-        return;
-      }
-      const indexHtml = (0, import_node_path7.join)(this.uiDist, "index.html");
-      if ((0, import_node_fs8.existsSync)(indexHtml)) {
-        res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
-        res.end((0, import_node_fs8.readFileSync)(indexHtml));
-        return;
-      }
-    }
-    res.writeHead(404);
-    res.end();
   }
-  handleConnection(ws) {
-    this.clients.add(ws);
-    const msg = {
-      type: "pending",
-      requests: Array.from(this.pending.values()).map((e) => e.request)
-    };
-    ws.send(JSON.stringify(msg));
-    ws.on("message", (data) => {
-      try {
-        const parsed = JSON.parse(data.toString());
-        this.handleClientMessage(ws, parsed);
-      } catch {
+  const password = await promptHidden("Set a password to encrypt the key");
+  if (password.length < 8) {
+    throw new Error("Password must be at least 8 characters.");
+  }
+  const confirmation = await promptHidden("Confirm password");
+  if (password !== confirmation) {
+    throw new Error("Passwords do not match.");
+  }
+  const keyring = LocalKeyring.generate();
+  const keystore = await keyring.exportKeystore(password);
+  writeJsonFile(keyPath(role), keystore);
+  const label = role === "manager" ? "Agent wallet" : "Mandate signer";
+  console.log(`
+${label} key saved. Address: ${checksum4(keyring.address)}`);
+  console.log(`Encrypted keystore written to .sail/keys/${role}.json`);
+  if (role === "manager") {
+    const save = await confirm(
+      "\nSave passphrase to .sail/.env.local for non-interactive use? (required for CI/GitHub Actions)"
+    );
+    if (save) {
+      const envPath = sailPath(".env.local");
+      let content = "";
+      if (import_node_fs9.default.existsSync(envPath)) {
+        content = import_node_fs9.default.readFileSync(envPath, "utf-8");
+        content = content.replace(/^SAIL_PASSPHRASE=.*\n?/m, "");
       }
-    });
-    ws.on("close", () => this.clients.delete(ws));
-    ws.on("error", () => this.clients.delete(ws));
-  }
-  handleClientMessage(_ws, msg) {
-    if (msg.type === "wallet-connected") {
-      if (typeof msg.address !== "string" || !/^0x[0-9a-fA-F]{40}$/.test(msg.address)) return;
-      this._connectedWallet = msg.address;
-      for (const listener of this.walletListeners) listener(msg.address);
-      this.walletListeners = [];
-      return;
-    }
-    if (msg.type === "wallet-disconnected") {
-      this._connectedWallet = void 0;
-      return;
-    }
-    const entry = this.pending.get(msg.requestId);
-    if (!entry) return;
-    clearTimeout(entry.timer);
-    this.pending.delete(msg.requestId);
-    const { request } = entry;
-    if (msg.type === "signed") {
-      this.recordResult(
-        { status: "signed", requestId: msg.requestId, txHash: msg.txHash },
-        request
-      );
-    } else if (msg.type === "signature") {
-      this.recordResult(
-        { status: "signature", requestId: msg.requestId, signature: msg.signature },
-        request
-      );
+      content = content.trimEnd() + (content.length > 0 ? "\n" : "") + `SAIL_PASSPHRASE=${password}
+`;
+      import_node_fs9.default.mkdirSync(import_node_path8.default.dirname(envPath), { recursive: true });
+      import_node_fs9.default.writeFileSync(envPath, content, { mode: 384 });
+      console.log("\u2713 SAIL_PASSPHRASE saved to .sail/.env.local (mode 0600)");
+      console.log("  sailor run will now work non-interactively.");
     } else {
-      this.recordResult(
-        {
-          status: "rejected",
-          requestId: msg.requestId,
-          reason: msg.reason
-        },
-        request
-      );
+      console.log("\nTo run non-interactively, add this to .sail/.env.local:");
+      console.log(`  SAIL_PASSPHRASE=<your-passphrase>`);
     }
   }
-  readBody(req, maxBytes = 1e6) {
-    return new Promise((res, rej) => {
-      let size5 = 0;
-      const chunks = [];
-      req.on("data", (c) => {
-        size5 += c.length;
-        if (size5 > maxBytes) {
-          rej(new Error("Request body too large"));
-          req.destroy();
-          return;
-        }
-        chunks.push(c);
-      });
-      req.on("end", () => res(Buffer.concat(chunks).toString("utf8")));
-      req.on("error", rej);
-    });
+}
+async function keysExportCi() {
+  const account2 = readJsonFile(sailPath("account.json"));
+  const src = resolveKeyPath("manager", account2?.safe);
+  if (!fileExists(src)) {
+    throw new Error(
+      'No agent wallet keystore found.\nComplete Stage 1 (browser UI) to generate your agent wallet, or run\n"sailor keys generate" and choose "agent wallet" to create one manually.'
+    );
   }
-  broadcast(msg) {
-    const data = JSON.stringify(msg);
-    for (const ws of this.clients) {
-      if (ws.readyState === import_websocket2.default.OPEN) ws.send(data);
+  const dest = import_node_path8.default.resolve(process.cwd(), "ci-keystore.json");
+  import_node_fs9.default.copyFileSync(src, dest);
+  console.log(`\u2713 Keystore copied to ci-keystore.json`);
+  console.log(`  Source: ${src}`);
+  const gitignorePath = import_node_path8.default.resolve(process.cwd(), ".gitignore");
+  if (import_node_fs9.default.existsSync(gitignorePath)) {
+    const content = import_node_fs9.default.readFileSync(gitignorePath, "utf-8");
+    if (!content.includes("ci-keystore.json")) {
+      import_node_fs9.default.appendFileSync(
+        gitignorePath,
+        "\n# CI keystore \u2014 encrypted agent wallet, safe to commit\n!ci-keystore.json\n"
+      );
+      console.log("\u2713 Added !ci-keystore.json allowlist entry to .gitignore");
+    } else {
+      console.log("\u2713 .gitignore already tracks ci-keystore.json");
     }
   }
-  writeRuntimeState() {
-    if (!(0, import_node_fs8.existsSync)(this.runtimeDir)) (0, import_node_fs8.mkdirSync)(this.runtimeDir, { recursive: true });
-    (0, import_node_fs8.writeFileSync)(
-      (0, import_node_path7.join)(this.runtimeDir, SERVER_STATE_FILE),
-      JSON.stringify(
-        {
-          url: this._url,
-          wsUrl: this.wsUrl,
-          port: this.port,
-          startedAt: (/* @__PURE__ */ new Date()).toISOString(),
-          pid: process.pid,
-          requestSecret: this.requestSecret
-        },
-        null,
-        2
-      )
-    );
+  console.log("\nNext steps:");
+  console.log("  1. Add two GitHub Actions secrets (Settings \u2192 Secrets \u2192 Actions):");
+  console.log("       SAIL_PASSPHRASE \u2014 the passphrase that encrypts your agent wallet");
+  console.log("       RPC_URL         \u2014 your RPC endpoint");
+  console.log("  2. Commit and push ci-keystore.json:");
+  console.log('       git add ci-keystore.json && git commit -m "chore: add CI keystore" && git push');
+  console.log("\n  The keystore is encrypted \u2014 the raw private key is never exposed.");
+  console.log("  The workflow at .github/workflows/agent-tick.yml unlocks it with SAIL_PASSPHRASE.");
+}
+async function keysShow() {
+  const present = ROLES.filter((role) => keyExists(role));
+  if (present.length === 0) {
+    console.log("No keys found in .sail/keys/.");
+    console.log('Run "sailor keys generate" to create one.');
+    return;
   }
-  removeRuntimeState() {
-    const path8 = (0, import_node_path7.join)(this.runtimeDir, SERVER_STATE_FILE);
+  console.log("Keys in .sail/keys/:\n");
+  for (const role of present) {
     try {
-      if ((0, import_node_fs8.existsSync)(path8)) (0, import_node_fs8.unlinkSync)(path8);
-    } catch {
+      const keyring = await loadKeyring(role);
+      console.log(`  ${roleLabel(role)}: ${checksum4(keyring.address)}`);
+    } catch (err) {
+      console.log(`  ${role}: ${err.message}`);
     }
   }
-};
-async function findAvailablePort(startPort) {
-  return new Promise((res) => {
-    const probe = (0, import_node_net.createServer)();
-    probe.listen(startPort, "127.0.0.1", () => {
-      const addr = probe.address();
-      probe.close(() => res(addr.port));
-    });
-    probe.on("error", () => res(findAvailablePort(startPort + 1)));
-  });
 }
 
-// src/signing/client.ts
-var RUNTIME_SERVER_FILE = (0, import_node_path8.join)(".sail", "runtime", "server.json");
-var sleep = (ms) => new Promise((r) => setTimeout(r, ms));
-var SigningClient = class {
-  constructor(baseUrl, requestSecret = "") {
-    this.baseUrl = baseUrl;
-    this.requestSecret = requestSecret;
+// src/commands/mandate-contracts.ts
+var import_node_child_process = require("node:child_process");
+var import_node_fs10 = require("node:fs");
+var import_node_path9 = require("node:path");
+init_esm2();
+
+// src/lib/mandates.ts
+var MandateStore = class {
+  filePath;
+  constructor(filePath = sailPath("state", "mandates.json")) {
+    this.filePath = filePath;
   }
-  remote = true;
-  get url() {
-    return this.baseUrl;
+  read() {
+    const parsed = readJsonFile(this.filePath);
+    return { version: 1, mandates: parsed?.mandates ?? [] };
   }
-  async start() {
-    if (!await this.ping()) {
-      throw new Error(`Signing station not reachable at ${this.baseUrl}`);
-    }
+  write(data) {
+    writeJsonFile(this.filePath, data);
   }
-  /** No-op: never tear down a daemon the user is running in another process. */
-  stop() {
+  list() {
+    return this.read().mandates;
   }
-  async ping() {
-    try {
-      const r = await fetch(`${this.baseUrl}/config`, { signal: AbortSignal.timeout(1500) });
-      return r.ok;
-    } catch {
-      return false;
-    }
+  /** Find a tracked mandate by address (case-insensitive) or by exact name. */
+  find(addressOrName) {
+    const needle = addressOrName.toLowerCase();
+    return this.read().mandates.find(
+      (m) => m.address.toLowerCase() === needle || m.name === addressOrName
+    );
   }
-  async requestSignature(req, timeoutMs = 10 * 60 * 1e3) {
-    const enqueueRes = await fetch(`${this.baseUrl}/requests`, {
-      method: "POST",
-      headers: { "Content-Type": "application/json", "x-sailor-secret": this.requestSecret },
-      body: JSON.stringify(req)
-    });
-    if (!enqueueRes.ok) {
-      throw new Error(`Failed to enqueue signing request (HTTP ${enqueueRes.status})`);
-    }
-    const { id } = await enqueueRes.json();
-    const deadline = Date.now() + timeoutMs;
-    while (Date.now() < deadline) {
-      const res = await fetch(`${this.baseUrl}/requests/${encodeURIComponent(id)}/result`, {
-        headers: { "x-sailor-secret": this.requestSecret }
-      });
-      if (res.status === 200) return await res.json();
-      if (res.status !== 204) {
-        throw new Error(`Unexpected result status ${res.status} from signing station`);
-      }
-    }
-    throw new Error(`Signing request "${req.title}" timed out after ${timeoutMs / 1e3}s`);
+  /** Append a newly deployed mandate (replacing any prior record at the same address). */
+  add(mandate2) {
+    const data = this.read();
+    data.mandates = data.mandates.filter(
+      (m) => m.address.toLowerCase() !== mandate2.address.toLowerCase()
+    );
+    data.mandates.push(mandate2);
+    this.write(data);
   }
-  async waitForWallet(timeoutMs = 5 * 60 * 1e3) {
-    const deadline = Date.now() + timeoutMs;
-    while (Date.now() < deadline) {
-      try {
-        const r = await fetch(`${this.baseUrl}/wallet`, {
-          headers: { "x-sailor-secret": this.requestSecret },
-          signal: AbortSignal.timeout(2e3)
-        });
-        if (r.ok) {
-          const { address } = await r.json();
-          if (address) return address;
-        }
-      } catch {
-      }
-      await sleep(1e3);
-    }
-    throw new Error("Timed out waiting for wallet connection in the signing UI");
+  /** Record that a tracked mandate was attached to an SMA. */
+  recordAttachment(address, attachment) {
+    const data = this.read();
+    const mandate2 = data.mandates.find((m) => m.address.toLowerCase() === address.toLowerCase());
+    if (!mandate2) return;
+    mandate2.attachments ??= [];
+    mandate2.attachments.push({ ...attachment, at: (/* @__PURE__ */ new Date()).toISOString() });
+    this.write(data);
   }
 };
-function readRuntimeServerState(projectRoot) {
-  const file = (0, import_node_path8.join)(projectRoot, RUNTIME_SERVER_FILE);
-  if (!(0, import_node_fs9.existsSync)(file)) return null;
-  try {
-    return JSON.parse((0, import_node_fs9.readFileSync)(file, "utf8"));
-  } catch {
-    return null;
-  }
-}
-async function discoverDaemon(projectRoot = process.cwd()) {
-  const state = readRuntimeServerState(projectRoot);
-  if (!state?.url) return null;
-  const client = new SigningClient(state.url, state.requestSecret ?? "");
-  return await client.ping() ? client : null;
-}
-async function createSigningChannel(projectRoot = process.cwd()) {
-  const daemon = await discoverDaemon(projectRoot);
-  if (daemon) return daemon;
-  return new SigningServer({ projectRoot, advertise: false });
-}
 
 // src/commands/onboard.ts
 init_esm2();
@@ -41275,6 +41578,12 @@ async function runDeployClone(project, channel, options) {
       `Unsupported clone template "${options.template}". Supported: ${Object.keys(CLONE_TEMPLATES).join(", ")}`
     );
   }
+  const templateMap = project.deployment.standaloneTemplates ?? {};
+  if (Object.keys(templateMap).length === 0) {
+    throw new Error(
+      `No clone templates are available on chain ${project.chainId} yet \u2014 templates are pending redeployment against the new kernel (${project.deployment.kernel}). Deploy your permission directly with \`sailor mandate deploy\` instead.`
+    );
+  }
   const impl = project.deployment.standaloneTemplates?.[options.template];
   if (!impl || !isAddress(impl, { strict: false })) {
     throw new Error(
@@ -41314,7 +41623,7 @@ async function runDeployClone(project, channel, options) {
       [sma, impl, BigInt(Math.floor(Date.now() / 1e3))]
     )
   );
-  const clone = predictCloneAddress(impl, project.contracts.permissionFactory, submitter, salt);
+  const clone = predictCloneAddress(impl, project.contracts.mandateFactory, submitter, salt);
   say(() => {
     console.log(`
 ${spec.label} clone (${options.template})`);
@@ -41414,7 +41723,7 @@ Connect the owner wallet (mandate signer) in the browser \u2014 the agent wallet
     args: [sma, impl, salt, initData, deadline, signature]
   });
   const txHash = await walletClient.sendTransaction({
-    to: project.contracts.permissionFactory,
+    to: project.contracts.mandateFactory,
     data,
     value: fee,
     account: agentSigner.viemAccount,
@@ -43639,6 +43948,7 @@ account.command("predict").description(
   "--manager <address>",
   "Agent (manager) wallet \u2014 mixed into the kernel salt (defaults to .sail/account.json)"
 ).option("--salt <n>", "CREATE2 salt nonce (default: 0)").option("--chain <id>", "Show prediction for one chain only").option("--json", "Emit machine-readable JSON").action(actionWith(accountPredict));
+account.command("deploy-chain").description("Deploy the same SMA address on an additional chain using the same owner, manager, and salt").requiredOption("--chain <id>", "Target EVM chain ID (e.g. 8453, 42161, 130, 1)").option("--salt <n>", "CREATE2 salt (defaults to saltNonce stored in .sail/account.json)").option("--json", "Emit machine-readable JSON").action(actionWith(accountDeployChain));
 account.command("rotate-signer").description("Rotate the SMA's delegated signer (agent wallet) and re-approve its mandates").option("--sma <address>", "SMA to rotate (defaults to the active account)").option("--to <address>", "Rotate to an existing agent-wallet address instead of generating one").option("--generate", "Generate a fresh local agent wallet (default when --to is omitted)").option("--skip-reattach", "Do not re-approve the previously-attached mandates").option("--reattach-only", "Skip rotation; only re-approve mandates (resume after funding)").option("--json", "Machine-readable output").action(actionWith(rotateSigner));
 var mandate = program2.command("mandate").description("Manage mandates");
 mandate.command("prepare").description("Prepare a mandate draft for review and signing in the UI (MetaMask)").action(action(mandatePrepare));